The Death of Passwords: The Future of Authentication

Описание: Is passwordless authentication finally ready for prime time, or are we just replacing one set of problems with another?

Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I’m Jim and in this episode, we’re tackling one of the oldest challenges in information security: identity and access management.

I’m joined by David Higgins, CTO at CyberArk and Murtaza Hafizja, Senior Technical Product Marketing Leader from OneSpan, who bring decades of combined experience from the front lines of identity, authentication and access control. Together, we explore how the industry has evolved from simple username/password combinations to biometrics, passkeys and continuous authentication and where the technology is heading next.

⸻

Summary

We examine the persistent challenges around identity management, from the struggle between security and user convenience to the explosion of non-human identities that now need managing. David explains why privilege access management has evolved from credential vaulting to zero standing privileges and how cloud environments have created both opportunities and complexities with their tens of thousands of granular permissions. Murtaza tells us about the passwordless evolution, why risk-based authentication is making a comeback and the real barriers to rolling out modern authentication at scale.

Whether you’re a CISO wrestling with third-party access, an IT manager trying to balance security with productivity or just someone interested in where authentication is heading, you’ll get honest perspectives on what works, what doesn’t and what’s actually achievable.

⸻

Key talking points
• The Passwordless Evolution and What It Really Means
Learn why passwords are finally on their way out (mostly), how passkeys and biometrics have moved from niche to mainstream and why the technology that failed 20 years ago is now becoming the de facto standard for authentication.
• Zero Standing Privilege and the Cloud Permission Problem
Discover how cloud environments have paradoxically made privilege management both more granular and more complex, why organisations are moving away from permanent permissions and how just-in-time access is becoming essential for modern infrastructure.
• Continuous Authentication and Behavioural Analysis
Understand why a single login authentication isn’t enough anymore, how attackers are owning identities by exploiting help desks and why monitoring user behaviour patterns might be the key to stopping credential-based attacks before they cause damage.

On the security of key documentation:

“Attackers aren’t breaking in anymore, they’re logging in.”
David Higgins, CyberArk

⸻

Listen to this episode on your favourite podcasting platform:
https://razorwire.captivate.fm/listen

⸻

In this episode, we covered the following topics:
• The Evolution of Identity Management
• From Too Little Granularity to Too Much
• Zero Standing Privilege as the New Normal
• The Passwordless Movement Goes Mainstream
• Third Party and Non-Human Identity Challenges
• Continuous Authentication and Risk-Based Approaches
• The Help Desk as Attack Vector
• Balancing Security Friction with User Acceptance
• Privilege Access Management Evolution
• The Privacy vs Security Dilemma


Connect with your host James Rees
Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

📩 Email: [email protected]
🌐 Website: (https://www.razorthorn.com)

⸻

Follow us online:
LinkedIn: (  / razorthorn-security  )
YouTube: (   / @razorthornsecurity  )
TikTok: Razorwire Podcast
Twitter/X: (  / razorthornltd  )