The Passwordless Enterprise Era

How ForgeRock and Secret Double Octopus Are Paving the Way for a Passwordless User Journey    

We’re living in a world where managing digital identities is becoming an increasingly complex and tedious task. Every organization must deal with multiple accounts and credentials for users, employees, and devices. Sometimes, these siloed identities can span across dozens or hundreds of locations, and number in the thousandsor even millions. All this chaos is accelerating the adoption of passwordless technologies. 

With all these moving parts, it can be extremely difficult to secure company informationand this results in a frustrating experience for both users and IT teams. With the infrastructure inside many organizations becoming increasingly fragmented across different servers, cloud services, and online platforms, the identity and access management problem becomes even more complicated. 

This is where passwordless authentication can help. The ForgeRock Identity Platform enables fully password-free user journeys out of the box, and with technology partner Secret Double Octopus, the experience can be extended to the users workstation authentication. This frees employees and administrators from the pain of remembering and managing passwords throughout the enterprise. 

The Growing Challenge of Enterprise Identity and Access Management

Companies often struggle to set up identity and access management (IAM) solutions in a secure, easy-to-use, scalable, and future-proof way. Unfortunately, many organizations end up outsourcing this task to expensive integration specialists to make complex systems work together and to maintain these integrations over time. Either way, organizations gradually get stuck with overly complicated systems that are costly, create unnecessary risk, and can’t scale with their growing needs.

 The mounting challenge of identity management has spurred collaboration among different vendors to create scalable, integrated solutions that provide robust security and easily integrate with the different on-premises and cloud-based solutions that the enterprise has already invested in. These efforts have become even more important as the COVID-19 pandemic has driven  many companies to adopt work-from-home models, making them even more dependent on reliable and scalable digital infrastructure.

 The addition of Secret Double Octopus’ technology to the ForgeRock Trust Network extends the reach of Intelligent Authentication to the desktop login experience and provides passwordless authentication to any application protected by the ForgeRock Identity Platform 

As we’ve covered in a previous blog series, passwords are a weak spot that continues to give organizations IT cost overhead and security nightmares. The deployment of passwordless authentication provides increased security, lower operational costs, less downtime, and an enhanced user experience that results in improved productivity across the organization.

How Do We Do It?

With the integration of Secret Double Octopus, ForgeRock customers can improve security, creating a more pleasant user experience for employees, and change the way IT departments handle user authentication.

The change starts at the workstation levelwith a choice between Desktop Multi-Factor Authentication (MFA) using the ForgeRock app or a passwordless desktop experience that removes passwords altogether when logging in to Microsoft Windows, Apple Mac, or Linux workstations. With additional support for existing one-time password (OTP) tokens, offline scenarios, and FIDO2 keys, the workstation becomes the first step towards a passwordless enterprise.

Passwordless SDO Image 2.png

The next change happens at the directory level, with a choice to use to an existing Active Directory (AD) or Azure Active Directory (AAD) datastore, or to remove AD all together and rely on the ForgeRock Directory Service as the source of user profile data for workstation authentication.

Organizations have the flexibility to adopt different scenarios based on their policies, preferences, and available technology. For instance, they can choose between the ForgeRock Authenticator, the Octopus Authenticator, or a combination of both. If the work environment does not allow mobile devices, they can use FIDO2 keys as a second factor, or they can use an offline OTP if users can’t access the internet.

Integrating Octopus Authentication with the ForgeRock Identity Platform eliminates the need to create, change, manage or remember passwords, saving many headaches and complexities for IT teams and users. This directly results in boosted uptime and productivity, as well as increased security, thanks to a universal user experience across all applications.

 Together, ForgeRock and Secret Double Octopus provide customers with a clear path to transition from costly and risky user-managed passwords toward a passwordless future. Organizations can now deploy a single authentication mechanism to serve all their needs in a frictionless, cost-efficient way through a known and trusted platform.

Want to create simple and secure access experiences that just flow? Find out more about passwordless authentication here

*** This is a Security Bloggers Network syndicated blog from Forgerock Blog authored by Frank Gasparovicn. Read the original post at: https://www.forgerock.com/blog/passwordless-enterprise-era