With travel restrictions being eased and more employees becoming comfortable with travel and remote working, the hybrid work environment has become an essential component for businesses in the UAE and around the world. This has also resulted in an increase in complexity and security risks.
A recent Information Age article further claims that the time is right for passwordless authentication, as “passwordless authentication makes users’ lives easier” and removes the human factor from cybersecurity — where “people just can’t be trusted to set reliable passwords, to change them frequently, to make sure they are strong, and to keep them secure.”
When carrying out a payment via a smartphone app, the user has to authenticate the transaction using either one of the iPhone’s built-in biometric authentication features, or punch in a PIN code, reducing the threat of relay attacks. However, in May 2019 Apple introduced the “Express Transit/Travel” feature that allows Apple Pay to be used without unlocking the phone.
The multiple data leaks discovered and reported by the researchers were found to originate from Microsoft Power Apps portals that were configured to allow public access. Microsoft Power Apps portals is a tool that allows anyone to create responsive websites and gives users both internal and external secure access to data either anonymously or by using commercial authentication providers.
As a Gartner analyst that spends quite a bit of time focusing on identity and authentication (IAM); there is a lot to be said about passwords. I won’t spend any time highlighting all the joys (not!) about passwords.