Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.
Passwords are enterprise security’s weakest link. With a simple phishing or social engineering scam, a threat actor can harvest a user’s login credentials and gain access to protected information, which is why password management providers are looking to move toward passwordless authentication.
Just today, 1Password announced the launch of a new browser extension for Chrome, Firefox, Brave and Edge designed to help users automatically, save, store and autofill logins with a range of third-party providers so that users don’t need to create unique usernames and passwords.
Third-party providers supported by the extension include Google, Apple, Facebook, Twitter, Microsoft, Okta and GitHub.
Since hybrid work has blurred the lines between employees’ work and personal lives, the new extension will provide employees with a potential solution to protect their online accounts against compromise.
Intelligent Security Summit
Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.
Stopping credential theft for good
The release comes as credential theft continues to rise. A report from Digital Shadows found that 24 billion stolen usernames and passwords are available on the dark web.
With such a high number of credentials exposed on the dark web, it’s clear that passwords are easily exploitable and ineffective at keeping out unauthorized users, which is driving the demand for passwordless authentication solutions among technology vendors and the FIDO alliance.
As part of this movement, LastPass is using the browser extension to offer users greater protection against account takeover attempts targeting work and personal apps.
“The new browser extension feature that we launched today supports enterprises’ needs to manage Shadow IT, securing access to the apps and websites that fall outside the IT teams’ purview, on behalf of users and the organizations they work for,” said Steve Won, chief product officer at 1Password. “Our new browser extension helps users remove that guesswork by letting 1Password remember which third-party provider they used to sign in with, and to get them to where they’re going more quickly.”
The extension will decrease the risk of credential theft by enabling users to login without the use of a password and simplify the sign-in experience.
The passwordless authentication market
1Password’s solution falls within the passwordless authentication market, which researchers anticipate will grow from $6.6 billion in 2022 to $21.2 billion by 2027.
One of the organization’s main competitors in the market is LastPass, a password manager which offers passwordless login so that users can log in by using LastPass Authenticator.
LogMeIn acquired LastPass for $110 million in October 2015 before spinning the company out in 2021 after Elliot Management’s private equity arm and Franceso Partners purchased the organization for $4.3 billion.
Another competitor is Bitwarden, an open-source password manager that enables users to store passwords and encrypts data with AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256. Bitwarden recently announced raising $100 million in funding led by PSG.
According to Won, the main differentiator between 1Password and these competitors is its focus on human-centric and zero-knowledge security.
“Information about our security architecture and relevant company processes are openly documented, and we employ a zero-knowledge security model, meaning we cannot access private data stored in customers’ vaults,” Won said.