In a new FIDO Alliance case study conducted in partnership with RSA, it found that RSA’s internal push to go passwordless exposed a problem many enterprises will recognize. Passkeys were not the main obstacle. Old password dependencies were.
The case study, Inside RSA:Deploying FIDO and Passwordless Solutions at Scale, FIDO and RSA unearthed a number of novel speedbumps. For example, new employees still needed a password to reach the self-service portal where they were supposed to register a passwordless authenticator.
RSA also found that passwords were still built into basic tasks like resetting an account or getting help from support. To fix that, the company created a way for employees to sign up and recover access without using a password, and it changed its settings so passwordless login became the standard option.
RSA said the technical rollout of passwordless authentication took weeks, but changing employee habits took months, and in some cases up to a year. Adoption stayed modest until RSA paired the rollout with a three-week campaign and a hard deadline, driving a threefold increase in usage. The broader takeaway is simple: passwordless projects still rise or fall on workflow cleanup, recovery design and user adoption, not just standards maturity. Download the case study here (PDF).
Image Courtesly of FIDO Alliance
