ForgeRock has enabled passwordless authentication for clients using its ForgeRock Identity Cloud and ForgeRock Identity Platform. The new feature has been dubbed ForgeRock Go, and it is being released as part of the Intelligent Access solution that is available through both the Identity Platform and the Identity Cloud.
ForgeRock Go will leverage the authentication features on individual devices, allowing users to log into an account using any factor that supports the FIDO Alliance’s WebAuthN standard. That includes biometric forms of authentication like Touch ID and Windows Hello in addition to physical tokens like YubiKeys. Any credentials are stored on the device itself (rather than online), so the user’s personal information is less likely to be exposed in a security breach.
ForgeRock Go will confer all of the advantages typically associated with passwordless authentication. Users will no longer need to remember user names and passwords to gain access to their accounts, enabling a more streamlined user experience while strengthening overall security.
“No one looks forward to entering usernames and passwords when shopping, banking or doing anything online,” said ForgeRock Chief Product Officer Peter Barker. “ForgeRock Go combines convenience with security by delivering much more secure and seamless login experiences for our global customers.”
ForgeRock Go arrives shortly after the company released a Consumer Identity Breach Report that revealed that more than 5 billion individual records were exposed in data breaches in 2019 alone. Personally identifiable information was compromised in the vast majority of those cases, leading to $1.8 trillion in losses for U.S. organizations. ForgeRock has also updated its identity portfolio to automate onboarding, access control, and account recovery procedures.
The company is hoping that the new features will encourage people to adopt stronger security solutions. Several recent reports have revealed that many people still rely on memory and reuse the same password on multiple accounts, which makes both organizations and individuals more vulnerable to cyberattacks.
June 26, 2020 – by Eric Weiss