ForgeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organisations.
ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications.
“While ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect Passwordless authentication extends passwordless capabilities to common enterprise infrastructure like workstations, databases, servers, and VPNs,” said Peter Barker, ForgeRock's chief product officer.
Prevalent passwordless authentication technologies include biometrics (for example, face, finger, and voice recognition), security keys, software keys, certificates, and behavioral analysis.
ForgeRock offers no-code identity orchestration
Enterprise Connect Passwordless deploys no-code and low-code identity orchestration technology designed to give organisations a streamlined way to implement passwordless login access for end-user applications, the company said.
“Built natively into our unified platform, orchestration journeys provide a low-code, no-code approach to effortlessly create, define and administer access experiences within ForgeRock to improve employees, contractors, partners, and consumers' login experiences,” Barker said. “The drag-and-drop configuration makes it easy for teams to add security signal analysis, third-party integrations, and create simplified user registration, lost device, and help-desk flows.”
Additionally, the orchestration technology allows organisations to adopt a passwordless access technology framework at their own pace — for example, starting with one application and then moving to other resources — without it being an "all or nothing" experience, Barker said.
Organisations can define and deploy different run-time passwordless login access schemes to different users depending on context, and micro-segment select users for passwordless user acceptance testing (UAT), according to Barker.
Enterprise Connect centralises passwordless authentication
Among other capabilities, the partnership with Secret Double Octopus will allow ForgeRock’s enterprise customers to let their end users access devices using a security key (for example, using YubiKey) without needing to remember and type in passwords.
“The major enhancement introduced with this announcement is the centralised ability to manage passwordless authentication on endpoint devices in addition to traditional access points, such as web and SaaS apps,” said Steve Brasen, research director at analyst and consulting firm Enterprise Management Associates. “Few identity management platforms can centrally manage login screens on endpoint devices at all, and ForgeRock is the first to extend this capability to also support passwordless approaches.”
The approach will also unify single-sign-ons (SSOs) so that once users log into their desktops, they do not need to re-authenticate in order to access other business resources.
ForgeRock supports passwordless authentication capabilities through FIDO2 WebAuthn standards. The FIDO Alliance is an open industry association launched in February 2013 to help reduce "the world’s over reliance on passwords," according to the group's website.
ForgeRock Enterprise Connect Passwordless capabilities will be available generally in the second quarter of 2023 for current customers at no extra cost.