For most of us, our everyday digital interaction with enterprises and government departments starts with a username and a password.
The problems with passwords are well documented. Simply put, passwords are not a good security measure anymore.
Passwords have a ton of problems:
- Good passwords are really hard to remember;
- Most people will willingly choose a weak password so that it is easy to remember;
- Passwords can be guessed;
- People tend to reuse passwords across multiple websites, meaning that if your password is stolen from one website, it can be used to access other websites.
Another problem with passwords is the central storage of this information. When you sign up to a website like LinkedIn or Facebook your passwords have to be stored in a directory or database. Keeping passwords safe in databases that are increasingly complex and internet accessible is difficult. Databases can be breached and, unfortunately, this happens quite frequently - two billion passwords were compromised in 2021 alone.
Lastly, passwords are susceptible to phishing attacks. A phishing attack is where someone pretends to be someone they are not and makes you sign in with your credentials(username/password) to a fake website, and then steals your password.
As you can see, passwords have many weaknesses.
Haventec Passwordless MFA
Let us now look at Haventec's Passwordless MFA
Haventec Passwordless MFA completely replaces the need for passwords. It is a smart, user-friendly and much more secure system for authenticating customers.
The way it works is that when creating an account for a website or app, Haventec Passwordless MFA will create a unique rolling digital key that only works for that particular website or application, from your device. When you need to access the digital key to authenticate yourself, all you need to do is enter a PIN or biometric.
What is different between the Haventec solution and Passkeys is that the digital key is not stored anywhere and it changes every time a user signs in to a website or app.
Because the digital key is not stored on a server or a user’s device it completely solves the problem of password data breaches and also the problem of password phishing since the digital keys only work for websites they were created for. In other words, when a bad actor sends you a fake website the Haventec solution will reject it.
Lastly, Haventec Passwordless MFA will work across all devices that you own.
The journey to implementing Haventec Passwordless MFA does not need to be a long one. Unlike Passkeys which require a lot of effort from developers of various services, Haventec Passwordless MFA works with a biometric reader or PIN. This is important because fingerprint scanners and cameras are not always reliable, e.g. during rainy weather, and the fact that there are still millions of devices that simply do not feature a biometric reader.
Haventec Passwordless MFA offers enterprises a chance of truly making a giant leap forward for online security and user authentication experience - the thought of not having to remember a password anymore excites us at Haventec as it will allow everyday users like our parents, to not have to bother with complicated passwords anymore.