SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

CyberArk expands passwordless authentication with new passkey support

Wed, 22nd Nov 2023
FYI, this story is more than a year old

CyberArk has announced an expansion of its passwordless authentication capabilities with the new support for passkeys. The recent addition is part of the CyberArk Identity 23.11 release and highlights CyberArk's unique approach to ensuring security for all workforce users.

The identity security company's addition of passkey support means that CyberArk Identity clients will now be able to accelerate passwordless adoption and lessen cybersecurity risk. This is achieved by facilitating passkeys for more robust authentication methods like biometrics when accessing apps and websites. As many breaches begin with stolen or abused credentials, passkeys offer a passwordless strategy that can shrink the attack surface and reduce credential theft.

The introduction of passkeys provides CyberArk Identity customers with phishing-resistant, FIDO2-compliant credentials that substitute passwords. This ensures the most potent level of protection against identity theft and account takeover, complying with the NIST Authentication Assurance Level (AAL3). In addition, passkeys are compatible across user devices and even function with those in close physical proximity. This streamlines and accelerates authentication flows, thereby enhancing user experiences.

Part of the CyberArk Identity Security Platform, CyberArk Identity offers a series of SaaS solutions aimed at simplifying enterprise identity and access management while not compromising on a high level of security. The platform enables organisations to adopt Zero Trust and the principle of least privilege with complete visibility. It thus facilitates more secure access to any resource located anywhere for each identity, complete with intelligent privilege controls.

Furthermore, CyberArk Identity also supports YubiKey One Time Passcode (OTP). With the OTP generated by their YubiKey, users can securely authenticate to any application protected by CyberArk Identity. In addition to passkeys, this support serves as another robust layer of defence against data breaches and cyberattacks, often rooted in passwords.

Gil Rapaport, the General Manager of Access at CyberArk, emphasises the significance of passkeys in achieving passwordless authentication. The introduction of passkeys aims to empower CyberArk's customers to eliminate the reliance on traditional passwords in their authentication processes. This not only addresses password-related security risks but also enhances productivity and the overall user experience. CyberArk aims to provide a more secure and efficient authentication solution for its customers by embracing passkeys.

Gil Rapaport says: "By introducing passkeys for passwordless authentication, we are further enabling our customers to eliminate passwords from their authentication workflows."

"Not only are we helping to eliminate password-based risk for our customers, but we are also improving productivity and the overall user experience."

CyberArk's comprehensive, feature-rich, and modern passwordless solution, CyberArk Identity, has been distinguished as an Overall Leader in KuppingerCole's Analysts AG Leadership Compass: Passwordless Authentication. The report commended CyberArk Identity for its proficiency in securing remote access and BYOD scenarios, flexible deployments, robust partner ecosystem, and proven scalability.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X