Stytch, a company founded to spread the adoption of passwordless authentication, has announced what it’s calling a modern upgrade to passwords. The cloud-based solution addresses four common problems with passwords that create security risks and account friction.
Password reuse. When someone tries to access an account covered by the Stytch solution, the password is automatically vetted at HaveIBeenPwnd, a dataset of 12 billion compromised passwords. A password reset is automatically triggered if the password is in the dataset.
Strength assessment. When someone creates a password, its strength is automatically assessed using Dropbox’s zxcvbn password strength estimator and a suggestion made that a stronger password should be chosen.
Account de-duplicating. Users might forget what authentication method they used to access their account. Did they use Facebook or Google? Did they use an email address? Choosing the wrong method can result in creating a duplicate account. Stytch prevents that by permitting an email login that allows an account to be accessed regardless of the original authentication method.
Better reset. Someone wants to access their account, but their password isn’t immediately available. Rather than reset their password to access their account, Stytch offers an email alternative that allows a user to access an account without a password reset.
Enthusiasm, hesitancy for passwordless authentication
Stytch co-founder and CEO Reed McGinley-Stempel explains that his company was started with a negative view of passwords. “We still have a negative view of traditional password systems and a lot of the assumptions baked into them,” he says, “but if you’re a passwordless company that wants to drive passwordless adoption, you can’t ignore password innovation.”
More Stories
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)
In episode 30 of The AI Fix, AIs are caught lying to avoid being turned off, Appleās AI flubs a...
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM...
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse...
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group Read More
Major Biometric Data Farming Operation Uncovered
Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks Read...
Ransomware Attack Exposes Data of 5.6 Million Ascension Patients
US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a...