1 option
Fundamentals of Passwordless Authentication.
- Format:
- Book
- Author/Creator:
- Dhondge, Kaustubh.
- Language:
- English
- Subjects (All):
- Computers--Access control.
- Computers.
- Physical Description:
- 1 online resource (358 pages)
- Edition:
- 1st ed.
- Place of Publication:
- [United States] : Artech House, 2025.
- Summary:
- Fundamentals of Passwordless Authentication is a comprehensive resource on the latest advancements in passwordless authentication, providing readers with a detailed understanding of how this technology works, its advantages, and its potential to transform the way we secure our digital lives. In today's digital age, protecting online accounts has never been more critical. Traditional password-based authentication methods are becoming increasingly vulnerable to security threats. Additionally, users are growing weary of the inconvenience of constantly having to remember and update complex, unique passwords across innumerable services. This book covers the challenges associated with traditional password-based authentication, including password fatigue, weak passwords, and the risks of password reuse. It introduces readers to passwordless authentication and its various techniques, including biometric authentication, hardware token-based authentication, email and SMS-based authentication, and more. Readers are guided through the technical aspects of implementing passwordless authentication, including the challenges and considerations involved in integrating it with existing systems and processes. The book examines the vulnerabilities of passwordless authentication and offers practical guidance on mitigating those risks while ensuring security. Additionally, it compares passwordless authentication to other authentication techniques in terms of security. It explores global trends in regulations for passwordless authentication and provides guidance on meeting those requirements. The book examines emerging trends and technologies likely to shape the evolution of passwordless authentication and their broader impact on cybersecurity.
- Contents:
- Intro
- CONTENTS
- PREFACE
- ACKNOWLEDGMENTS
- 1 INTRODUCTION TO PASSWORDLESS AUTHENTICATION
- 1.1 CHALLENGES WITH PASSWORD-BASED AUTHENTICATION
- 1.1.1 Password Fatigue
- 1.1.2 Password Reuse
- 1.1.3 Susceptibility to Social Engineering
- 1.1.4 Vulnerability to Brute-Force Attacks
- 1.1.5 Password Leaks and Database Breaches
- 1.1.6 Lack of Two-Factor Authentication and Multifactor Authentication
- 1.1.7 Inconvenient Password Management
- 1.2 OVERVIEW OF PASSWORDLESS AUTHENTICATION AND ITS WORKINGS
- 1.2.1 Setup Process
- 1.2.2 Authentication Process
- 1.3 TRANSFORMATIONAL OPPORTUNITIES FOR USERS AND ORGANIZATIONS WITH PASSWORDLESS AUTHENTICATION
- 1.3.1 Enhanced Security
- 1.3.2 Improved User Experience
- 1.3.3 Increased Productivity
- 1.3.4 Mitigation of Password-Related Risks
- 1.3.5 Simplified Authentication Process
- 1.3.6 Cost Savings
- 1.3.7 Regulatory Compliance
- 1.3.8 Future-Proofing Security
- 1.4 SUMMARY
- References
- 2 PASSWORDLESS AUTHENTICATION TECHNIQUES
- 2.1 BIOMETRIC AUTHENTICATION
- 2.1.1 Introduction
- 2.1.2 Operational Mechanisms
- 2.1.3 Implementation Challenges
- 2.1.4 Security Concerns
- 2.2 HARDWARE TOKEN-BASED AUTHENTICATION
- 2.2.1 Introduction
- 2.2.2 Operational Mechanisms
- 2.2.3 Implementation Challenges
- 2.2.4 Security Concerns
- 2.3 EMAIL AND SMS-BASED AUTHENTICATION
- 2.3.1 Introduction
- 2.3.2 Operational Mechanisms
- 2.3.3 Implementation Challenges
- 2.3.4 Security Concerns
- 2.4 AUTHENTICATION WITH PUSH NOTIFICATIONS AND MOBILE APPS
- 2.4.1 Introduction
- 2.4.2 Operational Mechanisms
- 2.4.3 Implementation Challenges
- 2.4.4 Security Concerns
- 2.5 RISK-BASED AND ADAPTIVE AUTHENTICATION
- 2.5.1 Introduction
- 2.5.2 Operational Mechanisms
- 2.5.3 Implementation Challenges
- 2.5.4 Security Concerns
- 2.6 SUMMARY
- References.
- 3 IMPLEMENTING PASSWORDLESS AUTHENTICATION
- 3.1 TECHNICAL ASPECTS, CHALLENGES, AND CONSIDERATIONS
- 3.1.1 Overview of Passwordless Authentication Technologies
- 3.1.2 Infrastructure Requirements
- 3.1.3 Security Considerations
- 3.1.4 User Experience Implications
- 3.1.5 Scalability and Performance
- 3.1.6 Interoperability
- 3.1.7 Compliance and Regulatory Challenges
- 3.1.8 Implementation Challenges
- 3.1.9 Maintenance and Support
- 3.2 INTEGRATION WITH EXISTING SYSTEMS AND PROCESSES
- 3.2.1 Assessment of Existing Infrastructure
- 3.2.2 Legacy System Integration
- 3.2.3 Application Integration
- 3.2.4 Data Migration and Management
- 3.2.5 User Identity Management
- 3.2.6 Authentication Workflows
- 3.2.7 System Interoperability
- 3.2.8 APIs and Middleware
- 3.2.9 Testing and Validation
- 3.2.10 Change Management
- 3.2.11 Monitoring and Maintenance
- 3.2.12 Compliance and Regulatory Considerations
- 3.3 BEST PRACTICES FOR DEPLOYMENT
- 3.3.1 UX Design
- 3.3.2 Security Measures
- 3.3.3 Phased Rollout Strategy
- 3.3.4 User Education and Training
- 3.3.5 Regulatory and Compliance Considerations
- 3.3.6 Monitoring and Analytics
- 3.3.7 Interoperability and Integration
- 3.3.8 Disaster Recovery and Business Continuity
- 3.3.9 Vendor and Technology Selection
- 3.3.10 Continuous Improvement and Adaptation
- 3.4 SUMMARY
- 4 SECURITY FACTORS OFPASSWORDLESS AUTHENTICATION
- 4.1 VULNERABILITIES OF PASSWORDLESS AUTHENTICATION
- 4.1.1 Device Theft
- 4.1.2 Improper Identity Proofing and Fraud
- 4.1.3 Insider Threats
- 4.1.4 Identity Management
- 4.1.5 Security Misconfigurations
- 4.1.6 User Resistance to Adoption
- 4.1.7 Legacy Systems
- 4.1.8 Emerging Threats
- 4.2 MITIGATING VULNERABILITIES AND ENSURING SECURITY
- 4.2.1 Device Theft
- 4.2.2 Improper Identity Proofing and Fraud
- 4.2.3 Insider Threats.
- 4.2.4 Identity Management
- 4.2.5 Security Misconfigurations
- 4.2.6 User Resistance to Adoption
- 4.2.7 Legacy Systems
- 4.2.8 Emerging Threats
- 4.3 COMPARISON TO OTHER AUTHENTICATION TECHNIQUES IN TERMS OF SECURITY
- 4.3.1 Password-Based Authentication
- 4.3.2 Multifactor Authentication with Password-Based Authentication
- 4.3.3 Passwordless Authentication
- 4.3.4 MFA with Passwordless Authentication
- 4.3.5 Comparison of Security Levels
- 4.4 SUMMARY
- 5 PASSWORDLESS AUTHENTICATION ADOPTION AND USER EXPERIENCE
- 5.1 FACTORS INFLUENCING USER ADOPTION
- 5.1.1 User Education and Awareness
- 5.1.2 Perceived Security and Trust
- 5.1.3 Ease of Use and Convenience
- 5.1.4 Regulatory Compliance Requirements
- 5.1.5 Integration Challenges
- 5.2 ENHANCING USER EXPERIENCE AND MINIMIZING FRICTION
- 5.2.1 Streamlined Authentication Workflows
- 5.2.2 Biometric Authentication Integration
- 5.2.3 Adaptive Authentication Policies
- 5.2.4 SSO Integration
- 5.2.5 Contextual Authentication
- 5.2.6 Device Recognition and Trust Assessment
- 5.2.7 Passwordless Recovery Mechanisms
- 5.2.8 User Training and Onboarding Processes
- 5.3 SUCCESSFUL CASE STUDIES ON PASSWORDLESS AUTHENTICATION
- 5.3.1 Best Buy's Transition to Passwordless Authentication
- 5.3.2 Beyond Identity Universal Passkey Implementation for Drupal
- 5.3.3 Intuit's Journey to Passwordless Authentication for Improved Customer Experience
- 5.3.4 Toyota's Transition to Passwordless Authentication
- 5.4 SUMMARY
- 6 STANDARDS FOR PASSWORDLESS AUTHENTICATION
- 6.1 PASSKEYS
- 6.1.1 Technical Operation Mechanisms
- 6.1.2 User Experiences
- 6.1.3 Security Considerations
- 6.1.4 Case Studies
- 6.1.5 Challenges and Future Developments
- 6.2 FIDO2
- 6.2.1 Technical Operation Mechanisms
- 6.2.2 Integration with Web and Other Platforms.
- 6.2.3 User Experiences
- 6.2.4 Security Considerations
- 6.2.5 Case Studies
- 6.2.6 Challenges and Future Developments
- 6.3 SUMMARY
- 7 REGULATORY GUIDANCE FOR PASSWORDLESS AUTHENTICATION
- 7.1 GLOBAL REGULATIONS FOR PASSWORDLESS AUTHENTICATION
- 7.1.1 European Union Regulations: PSD2 and eIDAS
- 7.1.2 United States Regulations: NIST Guidelines
- 7.1.3 Other International Regulatory Frameworks
- 7.1.4 Compliance Challenges and Considerations
- 7.2 MEETING COMPLIANCE REQUIREMENTS WITH PASSWORDLESS AUTHENTICATION
- 7.2.1 SCA for PSD2
- 7.2.2 NIST 800-63
- 7.3 COMPLIANCE-DRIVEN PASSWORDLESS AUTHENTICATION CASE STUDIES
- 7.3.1 Case Study of CZ.nic Implementing FIDO2 Authentication for Identity Verification
- 7.3.2 Case Study of Aetna for Enhancing Health Care Security While Complying with HIPAA and HITECH
- 7.3.3 Case Study of PLUSCARD Implementing FIDO2 Authentication for PSD2 and SCA Compliance
- 7.4 SUMMARY
- 8 FUTURE ROADMAP FOR PASSWORDLESS AUTHENTICATION
- 8.1 EMERGING TRENDS AND TECHNOLOGIES
- 8.1.1 Biometrics
- 8.1.2 Behavioral Analytics
- 8.1.3 Cryptographic Protocols
- 8.1.4 Continuous Authentication Models
- 8.1.5 Artificial Intelligence
- 8.2 PREDICTIONS FOR TECHNOLOGY EVOLUTION
- 8.2.1 Quantum-Resistant Cryptography
- 8.2.2 Interconnected Ecosystems
- 8.2.3 User-Centric Authentication
- 8.2.4 Blockchain and Passwordless Security
- 8.2.5 Standardization and Interoperability
- 8.2.6 Regulatory Impact on Technology Evolution
- 8.2.7 Integration with Emerging Technologies
- 8.2.8 Human Augmentation and Authentication
- 8.3 INFLUENCE OVER THE BROADER FIELD OF CYBERSECURITY
- 8.3.1 Identity and Access Management
- 8.3.2 Endpoint Security
- 8.3.3 Incident Response Strategies
- 8.3.4 Zero Trust Architectures
- 8.4 SUMMARY
- ABOUT THE AUTHOR
- INDEX.
- Notes:
- Description based on publisher supplied metadata and other sources.
- ISBN:
- 1-68569-060-2
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.