New features make it easy for subscribers to ditch passwords and enable their users to log in with just an email account or mobile phone
BELLEVUE, Wash.--(BUSINESS WIRE)--Auth0, the leading universal identity platform, today introduced passwordless authentication, allowing developers to quickly and easily implement secure authentication for their apps without the need for passwords. Passwordless authentication through Auth0 uses email, or SMS to replace a username and password for any application. Also released today is Auth0’s ‘Lock Passwordless’ - a free login box widget for software developers that can be integrated into any web, native or mobile application with just a few lines of code, almost effortlessly enabling use of a fingerprint or one-time access code or link.
“Passwords can be easily forgotten or stolen,” said Auth0 CEO, Jon Gelsey. “By eliminating the need for users to remember passwords, developers and IT professionals can reduce hassles for their users, greatly increase the security of their apps, APIs and IoT devices, and accelerate user acquisition. Now, any application can easily incorporate simple yet strong multifactor identity security.”
Passwordless authentication uses either a fingerprint, a temporary secret link, a temporary secret code, or a combination of the three to allow access and authenticate a login. The link or code is sent to a user’s verified email address or phone number, or is displayed on an authenticator app on their phone. The link or code expires after a few minutes, ensuring that others cannot gain access if the code becomes compromised. In addition, OS native fingerprint identification can also use the fingerprints of a pre-registered user to log them in. Email, and SMS passwordless authentication can be implemented with just a few lines of code and Auth0’s cloud platform, and can be combined with other features such as multifactor authentication.
“Human error associated with passwords is a common entry point for hackers to exploit. The prevalence of easy-to-guess passwords or passwords compromised through exploits is low-hanging fruit for black hats,” Gelsey continued. “Passwordless authentication makes access more secure, while removing the burden of remembering and typing a strong password on a phone.”
Auth0’s goal is to make secure identity implementation and management easy for developers and IT professionals. Auth0’s passwordless authentication can be used with any identity provider or application, making the migration away from traditional passwords extraordinarily simple. This announcement is the latest addition to Auth0’s comprehensive and ever-growing universal identity security platform which also helps subscribers implement single-sign-on (SSO), multifactor authentication (MFA), and much more across any application, API or IoT device.
Auth0 provides frictionless authentication and authorization for developers. The company makes it easy for developers to implement even the most complex identity solutions for their web, mobile, and internal applications. Ultimately, Auth0 allows developers to control how a person’s identity is used with the goal of making the internet safer. As of August, 2016, Auth0 has raised over $24m from Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs, and the company is further financially backed with a credit line from Silicon Valley Bank.