hussain000
Instructor
- Apr 7, 2025
- 1
Hello all,
With all the latest developments in passkeys, biometrics, device-bound credentials, and FIDO2, I wanted to spark a constructive discussion:
By 2025, will enterprises be ready to fully adopt passwordless authentication?
Supported by major platforms such as Microsoft, Apple, Google, and with many SaaS products now permitting passwordless login, it's clear that progress is being made. In my experience, though, there is still a considerable gap between technology readiness and real-world use.
Some key points I’ve noticed:
Passkey adoption is on the rise, but multi-device syncing presents a hurdle, particularly in BYOD scenarios.
FIDO2 tokens (YubiKeys, etc.) are solid, but less scalable and more difficult to support within non-technical staff.
The end user experience is better, but training and recovery workflows are not always intuitive.
Passwords are still required by legacy systems, and this makes fully passwordless implementation difficult without hybrid solutions.
So I’m interested:
Is anyone currently using passwordless in your environments?
What frameworks are you on using passkeys, FIDO2, biometrics, SSO: what other protocols?
Any success or roadblock stories worth discussing?
Would be interesting to hear how others are adapting or if you're waiting for more maturity/security guarantees before going fully deploy.
Thanks in advance for the contribution.
With all the latest developments in passkeys, biometrics, device-bound credentials, and FIDO2, I wanted to spark a constructive discussion:
By 2025, will enterprises be ready to fully adopt passwordless authentication?
Supported by major platforms such as Microsoft, Apple, Google, and with many SaaS products now permitting passwordless login, it's clear that progress is being made. In my experience, though, there is still a considerable gap between technology readiness and real-world use.
Some key points I’ve noticed:
Passkey adoption is on the rise, but multi-device syncing presents a hurdle, particularly in BYOD scenarios.
FIDO2 tokens (YubiKeys, etc.) are solid, but less scalable and more difficult to support within non-technical staff.
The end user experience is better, but training and recovery workflows are not always intuitive.
Passwords are still required by legacy systems, and this makes fully passwordless implementation difficult without hybrid solutions.
So I’m interested:
Is anyone currently using passwordless in your environments?
What frameworks are you on using passkeys, FIDO2, biometrics, SSO: what other protocols?
Any success or roadblock stories worth discussing?
Would be interesting to hear how others are adapting or if you're waiting for more maturity/security guarantees before going fully deploy.
Thanks in advance for the contribution.
