Why You Need to Ditch Passwords, Private Keys, and All Other Forms of Secrets
Despite the steady drumbeat of news stories on security breaches caused by compromised credentials, 70% of teams still use secrets such as private keys or passwords to grant infrastructure access. In this webinar, we’ll cover why all forms of secrets are bad for you and your business, and why MFA is not good enough. We'll cover how the adoption of Passwordless Authentication and related hardware technologies like TPMs and HSMs fix a slew of problems, including making phishing attacks a thing of the past.
Infrastructure today is protected by secrets like passwords, private SSH keys, API tokens and cookies. They are all just secrets, and all forms of secrets are vulnerable to human error. Secrets can be lost, stolen, accidentally leaked or even traded on dark web marketplaces. Most engineers know this, which is why every SSH tutorial begins with instructions for disabling passwords and enabling private/public key pairs. But a private key is just another form of a secret. Encrypting secrets also does not help — it simply converts one form of secret into another. That’s why Passwordless is the answer.
That’s also why we’re excited to introduce you to how we’ve helped solve this problem with open source — through Machine ID and Passwordless Access in Teleport 10. Watch this webinar to learn how to:
➢ Move away from storing identity only as a password-protected electronic record
➢ Replace any static credential with more secure biometrics for people and hardware-protected enclaves for machines
➢ Reduce the probability of human error with private keys, API keys, etc.
➢ Embrace passwordless infrastructure to enable your organization to take a step forward in cybersecurity and protect your most valuable assets
➢ Ev Kontsevoy, CEO at Teleport
➢ Ben Arent, Developer Relations Manager at Teleport