Weak or stolen credentials are enabling factors in most successful security breaches. This and the fact that staff hate passwords led the Cambridge Housing Authority to explore the idea of eliminating them completing. We quickly decided that a FIDO-compliant solution made sense.
This presentation will provide insights and lessons from CHA’s journey towards a passwordless future, from cataloging credentials-gated applications and systems–including legacy solutions, to preparing our environment to support a FIDO-compliant solution, and finally, communicating to management and users as passwords are removed from their authentication experience.
I will also discuss why FIDO and secure authentication is important to nonprofit organizations, which are often overshadowed by traditional for-profit companies and government agencies in discussions of cybersecurity.