We all hate passwords and want them to be thrown into the dustbin of history.

While the technology to adopt fully passwordless authentication is already here — and available on most devices — some organizations are simply not ready to take the plunge. Such is the case with many new technologies.

For those not yet quite ready, you can introduce passkeys as one of your two-factor authentication (2FA) options as a stepping stone towards full-bore passwordless authentication.

Why passkeys?

Introducing passkeys as a 2FA option provides an apples-to-apples comparison between all your other 2FA options.

For example, you can measure the speed it takes to log in with username/password + passkeys vs. username/password + email OTP. You can measure how many users log in the first time with passkeys as 2FA vs. SMS OTP. You can ask users how they like this option and know the customer satisfaction score before moving to full passwordless.

And while static passwords may be phished, the benefit of phishing-resistant security is that the second factor of passkeys remains resilient and untouched.

But wait, there is more…

Adding passkeys as a 2FA will cut your SMS OTP transaction and setup costs — simply help your users migrate to this option and pay for this project from the cost savings. This is advantageous as you do not need to beg for new budget to go “passwordless” and come out the hero who slashed 50% of the current SMS OTP expense. Win!

Lastly, there is one more thing to know.

When you begin with passkeys as a 2FA option, you are already setting the SAME credentials you will eventually want for going passwordless. There is no need to re-register any user that already set up passkeys. You just remove the step to enter username and password and voilà — they are in.

You can begin the passwordless journey with a small step in the right direction, without upsetting the apple cart and without asking for a new budget item. In fact, you will begin the savings as soon as the options are added to the users’ account settings, driving adoption with priming and marketing campaigns.

The future is already here, it’s just not well distributed.

#NoPasswords

Is Your IT Help Desk Ready for the Rise of GenAI-based Deep Fakes?
GenAI is changing fraud: Protect your customers from account takeover via the call center
Why you should go passwordless (reason #203): Phishing is still a thing…