Kevin Orr, president of RSA Federal, said the current cybersecurity landscape requires government agencies to adopt passwordless authentication to protect their networks from phishing attempts.
“In a passwordless environment, authentication combines secure possession factors (like tokens or mobile apps) with biometrics, removing the need for vulnerable shared secrets such as passwords,” Orr wrote in an article published on Carahsoft.com.
Enterprise-Ready Passwordless Authentication
To streamline the transition to a passwordless environment, he said agencies should deploy an enterprise-ready platform that could protect all users across environments from cybersecurity threats.
In this piece, Orr cited the RSA Authenticator App and how it supports phishing-resistant device-bound passkeys on Android and iOS environments. He also mentioned other phishing-resistant authentication tools that the company offers, including iShield Key 2 Series and DS100 FIDO2-certified security keys.
Orr explained how RSA helps strengthen passwordless capabilities in hybrid and high-risk environments.
“Microsoft enables strong passwordless access with Windows Hello and FIDO2. RSA extends those capabilities to hybrid, regulated and non-Microsoft environments, helping organizations close any remaining security and operational gaps,” he added.
He also noted that RSA integrates with Microsoft Conditional Access to extend Entra’s passwordless capability across every environment.
How Can Hybrid Authentication Help During Cloud Outages?
In this article, Orr also discussed how a hybrid authentication tool could support agencies.
He mentioned RSA ID Plus Hybrid Failover, which he said enables agencies to complete multifactor authentication processes using a one-time passcode if the cloud becomes unreachable.
