Passwordless authentication is an authentication method in which a user can log in to a computer system without the entering (and having to remember) a password or any other knowledge-based secret. In most common implementations users are asked to enter their public identifier (username, phone number, email address etc.) and then complete the authentication process by providing a secure proof of identity through a registered device or token.
Here are some example findings from our report:
- Hypr: A company providing passwordless multi-factor authentication.
- An article about 1Password’s platform-independent passwordless system.
- A paper with a formal analysis of FIDO2, a standard for security-device supported logins.