Your 1st Step to #GoPasswordless

Ajit Hatti October 4, 2021 Enterprise Security

Everyone understands and acknowledges that passwords are evil and are the biggest risk for enterprises. We have also seen that augmenting passwords with different factors not only makes the authentication process complex and costly but also fails to provide any effective security. Clearly, enterprises must choose to #GoPasswordless. In this blog, we discuss how.

Securing your first line of Defence

VPNs are the first line of defence of any enterprise. Most of your workforce accesses your enterprise network through a VPN. This also means that the VPN sees most of the network-based and credential stuffing attacks. Making the VPN passwordless prevents credential stuffing and attacks arising from MFA bypass.

Modern VPNs you can readily make Passwordless

Challenges

Enterprise users need time and a systematic approach to transition from password + MFA based authentication to passwordless authentication. Not all users can make this transition overnight, and this becomes a hurdle in adopting a new type of authentication system.

Phased Approach

PureAUTH integrates with many leading and modern VPNs that support multiple authentication mechanisms simultaneously, over different interfaces. This allows enterprises to transition their users from passwords to passwordless authentication in a phased manner. 

  • Typically our customers opt to have an additional interface on the VPN to support passwordless authentication with PureAUTH.
  • In the first phase they put 10% of their users on the passwordless authentication system, allowing the rest of the workforce to continue with their usual method without any disruption.
  • After testing the new system with the initial users, the next 80% of users are put on the passwordless mode.
  • By this time the enterprise is ready to move the remaining 10% of the users to the passwordless system.
  • Once all users are transitioned, it's safe to scrap password-based authentication.
  • Once all enterprise users are comfortable authenticating using the passwordless method, it's time for other applications to #GoPasswordless.

In this video you can see how Cisco AnyConnect supports both password and passwordless authentication simultaneously.

Conclusion

PureAUTH makes it super easy to secure your VPN with passwordless authentication and helps your workforce make a smooth transition from passwords to #GoPasswordless. Get in touch with us to check it out in your network.

 
