ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations.
ForgeRock has partnered with Israeli company Secret Double Octopus to deliver the new feature set, designed to enable enterprises to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications.
“While ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect passwordless authentication extends passwordless capabilities to common enterprise infrastructure like desktops, databases, servers and vpns,” said Peter Barker, product manager at ForgeRock.
The most common passwordless authentication technologies include biometrics (for example, facial, finger, and voice recognition), security keys, software keys, certificates, and behavioral analysis.
ForgeRock offers no-code identity orchestration
Enterprise Connect Passwordless Deployments no-code and low-code identity orchestration technology designed to give organizations a simplified way to implement passwordless login access for end-user applications, the company said.
“Built natively into our unified platform, orchestration journeys provide a low-code, no-code approach to effortlessly create, define, and administer access experiences within ForgeRock to improve login experiences. employees, contractors, partners and consumers,” Barker said. “Drag-and-drop setup makes it easy for teams to add security signal analysis, third-party integrations, and create streamlined user registration, lost device, and support flows.”
Additionally, orchestration technology allows organizations to adopt a passwordless access technology framework at their own pace – for example, starting with an application and then moving to other resources – without an “all or nothing” experience, Barker said.
According to Barker, organizations can define and deploy different runtime passwordless login access schemes for different users based on context, and select users by micro-segment for user acceptance testing ( UAT) without password.
Enterprise Connect centralizes passwordless authentication
Among other features, the partnership with Secret Double Octopus will allow ForgeRock enterprise customers to allow their end users to access devices using a security key (for example, using Yubi key) without having to remember and enter passwords.
“The key enhancement introduced with this announcement is the centralized ability to manage passwordless authentication across endpoints in addition to traditional endpoints, such as the web and SaaS apps,” said Steve Brasen, director of research at Enterprise Management Associates, an analyst and consulting firm. “Few identity management platforms can centrally manage login screens on endpoints, and ForgeRock is the first to extend this capability to also support passwordless approaches.”
The approach will also unify single sign-on (SSO) so that once users log in to their desktops, they don’t need to re-authenticate to access other corporate resources. .
ForgeRock supports passwordless authentication features through FIDO2 WebAuthn standards. The FIDO Alliance standard is an open industry association launched in February 2013 to help reduce “the world’s overreliance on passwords”, according to the group’s website.
Passwordless features of ForgeRock Enterprise Connect will be generally available in Q2 2023 for current customers.
Copyright © 2023 IDG Communications, Inc.