Teleport introduces passwordless authentication to access management 

Join executives from July 26-28 for Transform’s AI & Edge Week. Hear from top leaders discuss topics surrounding AL/ML technology, conversational AI, IVA, NLP, Edge, and more. Reserve your free pass now!

Enterprise security continues to journey toward a new future defined by passwordless, biometric technology. 

Working alongside the FIDO alliance, industry giants like Apple, Microsoft, and Google have been experimenting with passwordless authentication solutions to phase out the use of passwords and to provide users with better protection against credential-based attacks, social engineering attempts and phishing scams. 

As part of this trend, open-source identity-based infrastructure access management (IAM) provider Teleport, announced the launch of Teleport 10, the latest version of Teleport Access Plane.

The new solution will offer enterprise users passwordless access to key resources including servers, databases, Kubernetes clusters, and internal web apps without the need for usernames, passwords, private keys, or other exploitable secrets. 

Instead, users will be able to use biometric tools like TouchID, Windows Hello and Yubikey BIO so they won’t have to worry about the theft of passwords or log in credentials. 

Moving beyond the limits of password-based security 

Teleport 10’s launch comes on the heels of a recent announcement from the company that it achieved a valuation of $1.1 billion following a $110 million series C funding round. The new release is the latest example of technology providers attempting to phase out password-based authentication to stop credential-based attacks that have wreaked havoc over the past few years. 

There are over 15 billion passwords exposed on the dark web every year. Password-based security has failed to protect users from malicious threat actors for some time now.  

“Because passwords, usernames, private keys and even browser cookies can be copied lost or stolen, collectively they are the number one cause of data breaches. According to the Verizon Business 2022 Data Breach Investigations Report, the most common causes of data breaches can be traced to either human error or malcontent,” said Teleport CEO and cofounder, Ev Kontsevoy. 

“Once bad actors gain access to an organization’s infrastructure through static credentials, they can then pivot within the system and access as much sensitive information as possible,” Konsevoy said. 

Kontsevoy says that Teleport 10 aims to address this routine exploitation by authenticating users with biometric identity-based access management. 

Using non-electronic physical attributes of employees to log in is more secure because this information can’t be stolen, lost or shared in the same way. 

As of today, Teleport 10 is now “the first ” Unified Access Plane based on the FIDO alliance’s WebAuthn standard and illustrates a trend toward biometric infrastructure access management. 

Passwordless authentication and privilege access management 

With the writing on the wall for password-based security, it is unsurprising that the global passwordless authentication market is growing rapidly. Researchers value the market at $12.79 billion in 2021 and anticipate that it will reach a value of $53.64 billion by 2030. 

While Teleport’s new solution technically falls within this market, as an identity and access management provider, the organization is not only competing against DIY access solutions and VPNs, it’s also competing against privileged access management (PAM) solutions like CyberArk. 

CyberArk’s Privileged Access Manager provides enterprises with a solution to store privileged identities in a secure repository and authenticate users via a single web portal.

Earlier this year, CyberArk announced it raised $502.9 million in revenue last year, and also announced the launch of a new venture capital fund, CyberArk Ventures with $30 million to drive investment in wider cybersecurity startups. 

Another competitor and 2022 Gartner Magic Quadrant leader in the PAM market is Delinea, which offers a solution called Secret Server designed to discover privileged accounts.

Secret Server enables users to store privileged credentials in an encrypted vault, while offering provisioning and deprovisioning to help rotate credentials safely and efficiently. Delinea recently announced raising $200 million in annual recurring revenue last year. 

However, Kontsevoy argues that Teleport’s lack of reliance on passwords, and use of biometrics, is what distinguishes the provider from other competitors. 

“Teleport is the only identity-based infrastructure access solution on the market. Most access solutions rely on secrets like keys and passwords to grant access. But secrets are not identity, and can be stolen,” he said. 

Originally appeared on: TheSpuzz