2. Alternative Authentication Factors Should Be Identified
It’s likely that your staff won’t all be able to use the same authentication factors. For example, some may have computers or mobile devices that don’t support biometrics, while others might not be able to use particular types of biometrics. These workers might need to be issued a hardware authentication token instead.
3. Users Will Likely Still Have Some Passwords and PINs
The most common shortcoming of passwordless authentication is that legacy systems and applications are unlikely to support it, so some use of passwords alone or of password-based MFA will still be necessary. Also, passwordless authentication sometimes requires a PIN to be effective, but that PIN is used only to authenticate locally to the device, so a stolen PIN cannot be reused from another device.
4. Physical Safeguards Are Necessary
Your employees may think that passwordless authentication makes their computing more secure. It does — but an attacker who gains physical access to a user’s device and physical credentials, like a hardware token, can use them to masquerade as the user. Educate your staff on the physical security precautions they should be taking on and off campus.