Cisco Secure introduced Duo, a passwordless security system that will allow members of an organization to bypass the password and reliably log into cloud applications through digital keys or biometrics embedded in laptops and smartphones.
It is well known that passwords can be easily compromised and are difficult to manage, costing companies billions of dollars a year.
Users are inundated with passwords in their personal and professional lives, and reset requests make up the majority of IT support requests, resulting in lost productivity for users and increased support costs for the enterprise.
Duo passwordless authentication is part of the Cisco Zero-Trust platform, available from any device and for any application or IT environment.
Cisco offers to strengthen authentication for accessing cloud applications protected by Duo single sign-on (SSO) and third-party identity and SSO providers by leveraging the platform’s digital keys and biometrics, such as Apple FaceID and TouchID, and Windows Hello.
Pairing passwordless authentication with Duo SSO enables organizations to consolidate hundreds of passwords and authentications into a single sign-on for users in cloud applications.
The system provides one security tool for all authentication scenarios thanks to Duo’s support for hundreds of applications and identity providers, without requiring infrastructure changes.
It reduces the risk of password-related threats and vulnerabilities such as phishing, stolen or weak passwords, password reuse, brute force, man-made attacks, and password database compromising.
This system adds layers of security to authentication with device health and behavior monitoring controls through Duo’s suite of secure access products, further reducing the risk in the event that a biometric is stolen or ineffective.
In addition, it reduces the administrative burden of password-related support invoices and password resets.
Duo passwordless authentication leverages Web authentication (WebAuthn) based on asymmetric cryptography, which allows biometric data to be securely stored on and validated by the device, locally, rather than in a centralized database.
Duo helps drive the ratification of WebAuthn as an official Web standard and its adoption across all platforms as a member of the World Wide Web Consortium (W3C) working group.
Duo passwordless authentication will be available for public demonstrations starting in summer 2021.