“They will need to log into the Active Directory server and disable the capability within the Microsoft Authenticator app. It’s not really about blocking all apps. It looks like it’s about blocking certain authentication methods for those apps,” Longsine said, before adding an angry comment that CISOs might want to consider surrendering and simply speeding up their passkey systems. “It’s probably easier to start a migration to passkeys than it is to look at different processes.”
From an authentication perspective, it is universally agreed that passkeys provide much stronger security than passwords and passphrases. Most confusing is how many businesses plan to send passkeys.
To get end users, whether they are employees, contractors, customers, or overseas supply chain partners, manufacturing, or shipping, comfortable with passkeys, almost all businesses will keep existing passwords as a fallback when the passkey fails. Analysts estimate that password retention may last one to four years, depending on the business vertical, location, and other compliance considerations.
Source link