ForgeRock is introducing a new capability for passwordless authentication, called Enterprise Connect Passwordless, to its flagship Identity Platform product. This new feature is intended to help eliminate the need for user passwords in large organizations. ForgeRock has partnered with Secret Double Octopus, an Israel-based company, to offer this feature set. The goal is to allow companies to integrate passwordless technology into their enterprise IT infrastructure and provide end-users with a unified login approach to all their applications.
According to Peter Barker, ForgeRock’s Chief Product Officer, while ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect Passwordless authentication extends passwordless capabilities to common enterprise infrastructure like workstations, databases, servers, and VPNs. This will enable companies to take advantage of prevalent passwordless authentication technologies such as biometrics (e.g., face, finger, and voice recognition), security keys, software keys, certificates, and behavioral analysis.
ForgeRock offers no-code identity orchestration
Enterprise Connect Passwordless leverages no-code and low-code identity orchestration technology that is designed to provide organizations with a streamlined way to implement passwordless login access for end-user applications. According to the company, this technology is built natively into their unified platform, and orchestration journeys provide a low-code, no-code approach to effortlessly create, define, and administer access experiences within ForgeRock to improve employees’, contractors’, partners’, and consumers’ login experiences.
Peter Barker, ForgeRock’s Chief Product Officer, explained that the drag-and-drop configuration of the orchestration technology makes it easy for teams to add security signal analysis, third-party integrations, and create simplified user registration, lost device, and help-desk flows.
Moreover, the orchestration technology allows organizations to adopt a passwordless access technology framework at their own pace, starting with one application and then moving to other resources, without it being an “all or nothing” experience. Barker stated that organizations can define and deploy different run-time passwordless login access schemes to different users depending on context and micro-segment select users for passwordless user acceptance testing (UAT).
Enterprise Connect centralizes passwordless authentication
Through its partnership with Secret Double Octopus, ForgeRock’s enterprise clients can now allow their end-users to access their devices using security keys like YubiKey without having to remember and input passwords. The significant improvement of this partnership is the centralized management of passwordless authentication on endpoint devices in addition to traditional access points such as web and SaaS apps, according to Steve Brasen, research director at Enterprise Management Associates.
ForgeRock’s Identity Platform supports passwordless authentication capabilities through FIDO2 WebAuthn standards, and the Enterprise Connect Passwordless feature extends this capability to endpoint devices. This unifies single sign-ons (SSOs) so that once users log into their desktops, they do not need to re-authenticate to access other business resources. The FIDO Alliance standard aims to help reduce the world’s reliance on passwords, according to the group’s website. ForgeRock plans to release the Enterprise Connect Passwordless capabilities in the second quarter of 2023, and this new feature will be available at no extra cost for current customers.
Go to Source
Author:
