This article, written by a Ubisoft executive, identifies its roadmap to eliminate passwords but is focused on enterprise solutions. It starts by discussing relatively insecure methods, such as OTP, and then transitions directly to a pitch for physical security keys, with just a short description of the solutions baked into the mobile operating system, which it also describes as less secure.
I think the article would better speed the elimination of passwords if it focused on the solutions that are easily accessible to web site operators today. The majority of smartphone users would enjoy a FIDO-enabled biometric to access subscription web sites and others, but the focus of this article is on Active Directory corporate users:
“Yubico recently celebrated an important milestone in the evolution of modern authentication. We are excited to report that YubiKey passwordless authentication is now generally available to Microsoft’s Azure Active Directory (Azure AD) users, a critical step toward achieving better security without compromising usability. Nearly three years ago, Yubico started on this journey with Microsoft and brought the first FIDO2-enabled security key to the market.
With the general availability of passwordless login for Azure AD, admins can now enable a passwordless login flow for their users with a variety of authentication options including: Windows Hello, Microsoft Authenticator App, and FIDO2 security keys, like YubiKeys. Once enabled, enrolling, adding, and removing YubiKeys is a self-service process for employees.”
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group