The death of passwords (and the rising importance of cloud authentication standards)
Another day, another story about another high profile company being hacked—and losing millions of users’ personal information. Today, it’s Blue Cross—with 10 million customers at risk.
It is seriously scary stuff. Hackers have proven time and time again that no one is 100% safe from this threat.
In many cases, the hackers are phishing their targets. (We’ve posted a lot about the dangers of phishing, as well as how to recognize and avoid it.) The goal of phishing is to get a victim’s basic login information, and to use that information to go after bigger targets.
Which has a lot of people asking: why don’t we just get rid of login information?
Cloud authentication standards: fewer logins are better
In June, at the Cloud Identity Summit in Southern California, four of the world’s largest cloud providers—Microsoft, Google, VMware, and Salesforce—gathered for a public and honest discussion about the increasing role that cloud authentication (e.g. login details) has played in recent hacks. One of the conclusions reached by the group was that logins and passwords themselves are an antiquated concept.
After all, each login represents a possible point of attack. So the fewer credentials required per user, the better.
One way the antiquated login process might be put out to pasture is through one of the emerging open standards of authentication, including SAML, OpenID, and FIDO.
These standards work by using a single federated account for user identification along with a strict authentication process that eliminates the need for unique credentials for each application you use. In other words: instead of having individual logins for each app, you just have one universal login with much stricter authentication controls.
Companies like Google, Microsoft, Visa, and PayPal are starting to adopt these standards. But large scale adoption requires SaaS providers to share the same standards for their login processes. Fortunately, the industry is shifting from proprietary authentication processes to a few highly secure standards, which ultimately means easier integration and higher levels of security and safety for everyone who uses these services.
AppID is ahead of the game
At Intermedia, we are proud to say we caught on to this trend early. We designed Intermedia AppID, our Single Sign-On solution, around the SAML and OpenID standards. It offers a single login portal protected by two-factor authentication that logs you into the many different online applications that users leverage throughout their day.
For users, it means no fumbling for and remembering long passwords. But it also means higher levels of security, with admins having the ability to actively control who has access to what on an administrative level.
As we have continued to watch SAML and OpenID grow into the authentication standard of choice, we are confident we made the right decision.
Learn more about Intermedia AppID. Or call 1.800.379.7729 to start using AppID today with a 30-day free trial.