Skip to main content

Passwordless MFA

Overview

Get started quickly?

Check our quick-start guides page to set up and test Passwordless MFA for various use cases.

Quick-start guides
This section contains guides on how to deploy, configure, and manage idemeum in a wide range of contexts.

What is Passwordless Authentication?

Passwordless authentication is a group of identity verification methods that don't rely on passwords. Biometrics, security keys, and specialized mobile applications are all considered "passwordless" or "modern" authentication methods. Passwordless authentication was created to balance usability (remove user friction) with strong authentication.

Passwordless authentication ideally involves less user interaction during the login process than traditional forms of authentication. It uses public key cryptography, which authenticates the user with a pair of cryptographic keys โ€” a private key thatโ€™s a secret, and a public key that isnโ€™t โ€” and it comes with a lexicon of new (or relatively new) acronyms and standards like FIDO2 standard (FIDO stands for Fast Identity Online, and FIDO2 is just an umbrella term for the combination of WebAuthn and Client to Authenticator Protocol (CTAP)).

What is Idemeum Passwordless MFA?

Idemeum Passwordless MFA is a mobile application that replaces passwords with a combination of certificates and biometrics. Instead of typing a password to access a company resource (such as workstation, or web application), users scan a QR-code with idemeum application, and approve login with biometrics. Idemeum Passwordless MFA can secure access to pretty much any company resource, including Windows and macOS workstations, Single Sign-On web applications, Wi-Fi, VPN, and infrastructure servers.

At registration, idemeum securely generates a pair of cryptographic keys in addition to FIDO2 standards. The private key is stored on the userโ€™s mobile device using hardware-backed crypto storage, whereas the public key is registered with idemeum backend. When users scan login QR-code with idemeum mobile application, they are required to authenticate with multiple factors - biometrics and certificates.

Idemeum benefits

  1. Reduce cyber risk by stopping credential attacks - attackers simply canโ€™t use passwords anymore - they donโ€™t exist. idemeum can protect against login credentials being stolen or leaked in credential stuffing, credential cracking, social engineering, and phishing attacks.
  2. Improve workforce experience and productivity - idemeum eliminates user friction - no more codes, magic links, hardware devices, and remembering passwords. idemeum offers a solution where strong security meets frictionless experience.
  3. Reduce help desk calls for password resets - users no longer have to meet complex password requirements, change them every 60 days, or contact the help desk to resolve password lockouts and reset issues.