The timing of Gartner’s new Market Guide coincides with the launch of Intercede’s Enterprise Managed FIDO Authentication with YubiKeys solution
Intercede, a leading provider in the managing digital identities space, has been recognized as a Representative Vendor in the Gartner Market Guide for User Authentication. “Client interest in passwordless authentication, whether to enhance user experience or mitigate account takeover risks, remains high. Fast IDentity Online 2 (FIDO2), including passkeys, is strategically important; however, it is not a universal solution. Other approaches can provide significant value in the short to midterm.” says the report.
“If you want a higher level of credential and identity assurance a management solution that uses a passkey bound to a secure device, such as a YubiKey is the way forward.”
Allen Storey, Chief Product Officer at Intercede
It further states “Attacks against incumbent multifactor authentication (MFA) methods are driving interest in phishing-resistant MFA and robust identity verification for credentialing and account recovery.”
The timing of Gartner’s new Market Guide coincides with the launch of Intercede’s Enterprise Managed FIDO Authentication with YubiKeys solution, that was unveiled at the Authenticate Conference in San Diego (16th – 18th October 2023). This single centralised, standardised and affordable best-of-breed solution combines the YubiKey hardware token from Yubico, with Intercede’s MFA solution, to reduce the complexity and time taken to deploy and benefit from the use of FIDO credentials. In doing so it makes it possible for enterprises to implement better security, phishing resistance and passwordless FIDO authentication.
In considering the direction of the market, Gartner states in its Market Guide that “IAM leaders will seek passwordless authentication methods, with FIDO2 methods dominating within the next three years”.
Allen Storey, Chief Product Officer at Intercede gives some advice for organisations looking to make the transition: “When you are considering the security of authentication it needs to be done on a sliding scale. Replacing passwords with passkeys will certainly be more secure and afford a high level of phishing resistance. However, passkeys that are managed by phone or computer operating systems are automatically synced between the user’s devices via a cloud service and can be easily shared without the organisation being aware. If you want a higher level of credential and identity assurance a management solution that uses a passkey bound to a secure device, such as a YubiKey is the way forward.”
The shift to passwordless has been mooted for many years with the lack of an overwhelming heir apparent technology and a degree of apathy delaying an en-masse migration. The reality is that many organisations will continue to use passwords for some time. Storey also offers the following guidance: “If what you are protecting with passwords is valuable to your organisation, then I strongly suggest against waiting for a perfect solution before acting. If passwords are going to continue to be used it is imperative to be alert to accounts that have been compromised or breached. Better password practices can start today with the use of a Password Breach Database to ascertain the level of protect passwords in active usage are giving. This can be augmented by Password Management System that ensures users adhere to password best practice.”