Passwordless Authentication: Weighing the Options 

Great Video! One argument I do have against "have" and "are" options is the availability/reliability of the devices required to authenticate them. If I need my phone and its stolen/broken, then its inconvenient. If the biometric fingerprint reader malfunctions, then i am locked out. These are not easy to replace quickly. So while I agree these combinations are the most secure, I do believe these can be the most inconvenient when things go wrong.

You can never underestimate how important these videos from you, but for me some small things are so frustrating(as already mentioned here in comments), if on your android smartphone, if you failed to pass bio for some reason(wet fingers, bad angle, low light or sunglasses, whatever) after couple fail attempts you either should input pin code or pattern, which you have to hide in public area(can be catched by camera or pair of eyes) which make it a little bit inconvenient. On the other hand I still shocked how many high level organization's websites asking some ridiculous questions (usually set of them) like mother's maiden name, fav pets or first teachers and keeping them as the ultimate and only option. I guess many of this info bad acts can fish from media platforms, not mentioning that it's hard to remember what you put there couple years ago, overthinking to not make it obvious but more secure 🤯 But as always, Thank You for comprehensively clear and straightforward video

Another concise and engaging video that all IT/cyber folks would benefit from watching and considering the authentication options that are now available- passwords are SO insecure. Thank you Jeff!

Another issue is that not everyone is using mobile phones (think of many older folks or visually challenged). I never use a phone for any banking or other serious work, instead I'm always using a laptop which may or may not have bio-metric features built in. Again, every method has its pros and cons, there's no perfect solution.

I saw some new security beta programs for post quantum and something similar to fido but although they have two different origins i think as in the video they could in the near future especially be used with a mobile device that contains a much better build of security kit into it... Also i am just this year starting to hear or read about the potential of adapting the already researched bio computer stuff like the new buo computing or photonic computing languages built for ai driven purposes. I'm really interested🤔 to hear about it more. Thanks.

Jeff, old friend. Very well described.

FIDO is definitely by design the solution

Great video.

Clear explanation

Great video Jeff.

Great teacher and content. Keep it up :)

Thanks!

Do you have to be able to write in mirror flip in order to work for IBM?

Can you affiliate link to a secure password manager program/app?

Hi. I have a question.i love the MFA initiatives. And great videos on security. I agree the passwordless is a blessing in disguise. On a device I also have a passcode. This system is faulty as the something I am is left open to something I know. On my device my passcode can get all my password and my cybersecurity team(‘just me myself and I) are left open to an attack of my bank account and access to personal information etc. I wonder if their may be suggestions of how to keep our devices more secure and yet accessible in case of a os problem camera problem/ fingerprint?my 4 or 6 digit passcode is the concern and I want security for my own device. The external it has done a great job but at home could have bad actors also. Any wise words would help. Thanks. And no keep your passcode hidden answers 🙏. Should have watched till the end thanks Jeff. See hope in the fact Siri may only listen to my voice not a child’s voice?

Is it possible to create a FaceID on one phone from a picture displayed on another phone without the actual physical face?

Just I worried about most of factors are rely on USIM and telephone system. When attacker steal your SIM card and If you not did SIM hardware-lock in case. It is very dangerous issue until you try to register your new SIM. (even the bio-key does not resist of this attack. it is similar with changing the phone. Bio auth is only authentication in hardware, not qualified by network or server or etc. ) Stealing SIM is not often occur in real world, but be aware of take care of your phone. And sometimes... SIM break down in naturally. I recommend backup system of telephone. May be use 2 or more phone number, email, recovery key which can use offline-based system. NOTE: recovery key same as password. don't take picture of this don't save any digital thing if it is important. Just write on your book and lock of it. recovery key is not used in most of case. Don't use it normal case.

Really like your videos. Insane good. But now I would disagree. Costs of the HW Token is xx but fido is more expensive, even for the needed backup. For me FIDO is xxx at the costs.

FIDO eliminates the reliance on passwords, which are the primary target for credential harvesting there by reducing the attack surface but getting end users to always use mfa is no easy feat

push-bio vs FIDO-bio/pki.. that's a bit confusing to compare

The problem with any bio-metric method is that if a person passes away either young in an accident or of old age, then usually bio is not available for their loved ones to access bank and other accounts. Every method has pros and cons, there's no perfect solution.

I love cakes as well

Must have phone. Must have internet connection. Almost forgot, must have credit card.

Password 🔑

Password