Intercede, the global leader in managing digital identities, today announced that it has been recognized as a Representative Vendor in the Gartner Market Guide for User Authentication. “Client interest in passwordless authentication, whether to enhance user experience or mitigate account takeover risks, remains high. Fast IDentity Online 2 (FIDO2), including passkeys, is strategically important; however, it is not a universal solution. Other approaches can provide significant value in the short to midterm.” says the report. It further states “Attacks against incumbent multifactor authentication (MFA) methods are driving interest in phishing-resistant MFA and robust identity verification for credentialing and account recovery.”
The timing of Gartner’s new Market Guide coincides with the launch of Intercede’s Enterprise Managed FIDO Authentication with YubiKeys solution, that was unveiled at the Authenticate Conference in San Diego (16th – 18th October 2023). This single centralised, standardised and affordable best-of-breed solution combines the YubiKey hardware token from Yubico, with Intercede’s MFA solution, to reduce the complexity and time taken to deploy and benefit from the use of FIDO credentials. In doing so it makes it possible for enterprises to implement better security, phishing resistance and passwordless FIDO authentication.
In considering the direction of the market, Gartner states in its Market Guide that “IAM leaders will seek passwordless authentication methods, with FIDO2 methods dominating within the next three years”. Allen Storey, Chief Product Officer at Intercede gives some advice for organizations looking to make the transition: “When you are considering the security of authentication it needs to be done on a sliding scale. Replacing passwords with passkeys will certainly be more secure and afford a high level of phishing resistance. However, passkeys that are managed by phone or computer operating systems are automatically synced between the user’s devices via a cloud service and can be easily shared without the organization being aware. If you want a higher level of credential and identity assurance a management solution that uses a passkey bound to a secure device, such as a YubiKey is the way forward.”
The shift to passwordless has been mooted for many years with the lack of an overwhelming heir apparent technology and a degree of apathy delaying an en-masse migration. The reality is that many organizations will continue to use passwords for some time. Storey also offers the following guidance: “If what you are protecting with passwords is valuable to your organization, then I strongly suggest against waiting for a perfect solution before acting. If passwords are going to continue to be used it is imperative to be alert to accounts that have been compromised or breached. Better password practices can start today with the use of a Password Breach Database to ascertain the level of protect passwords in active usage are giving. This can be augmented by Password Management System that ensures users adhere to password best practice.”
The Gartner Market Guide for User Authentication is available at: https://www.gartner.com/en/documents/4669799
Gartner, Market Guide for User Authentication, Ant Allan, James Hoover, Robertson Pimentel, 23 August 2023
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Image credit: Freepik