Security Incident Response

If you think you have or know you have a Security Incident please fill in the form and our experienced Onevinn CSIRT team will reach out shortly.
 
The team has long experience in supporting customers in Incident Response and Compromised Recovery.
 
Keep calm and we will be with you shortly!

Christopher Lindström 14 Sep 2020
1 min

How to start your passwordless journey

What if you could replace existing passwords with something much more secure, but also really easy to use? You login will no longer use a password, which means that network sniffers, keyloggers and even shoulder-surfers never has a chance to steal it. Instead the login to Office 365 (and all other Azure AD apps you use) is protected with a keypair and modern authentication protocols.

Would this not be convenient for you? What if you can do this for all your users?

Let us explain why and how you can start this journey!

There are multiple reasons why you should start your Passwordless journy:

1. With today's threat landscape an end users password is the attacker's best friend. Phishing where the user is tricked into entering their username and password is just one attack vector. There are multiple ways for an attacker to get hold of user's passwords.

2. Password complexity where the end user needs to meet a complex password criteria can lead to that the end user choses a predictable password or reusing a password from another account, regardless of whether it is a business account or personal account.

3.  Resetting an end users password is one of the most common task for the IT Service Desk. Then end user is also likely unable to perform their job while waiting for assistance.

Going Passwordless has many advantages:

  • When switching to Passwordless Multi-Factor authentication you will reduce the attack vector of Phishing and password attacks.
  • End user will get a convenient and easy way for signing in and access data.
  • You can manage this at scale using Identity and Access Management to enable single sign-in, manage MFA and apply access policies.

Here are four Passwordless use cases to have a closer look at:

  • Windows Hello for Business - Replace your password with MFA on your Windows 10 device by login on in a convenient way using your face or fingerprint.
  • Microsoft Authenticator - Use your mobile device and get a push notification where you verify your identity with your face or fingerprint or a PIN.
  • Microsoft Edge - Microsoft Edge supports passwordless authenticators so you can use your browser to authenticate.
  • FIDO2 Security Keys - Use a security key, such as Yubikeys from Yubico, to replace your password with MFA using standard-based protocols on your mobile devices.

This movie from Microsoft explaining passwordless (2 minutes long)

Watch our recorded webinar "How to start your Passwordless Journey"