RSA's Journey to 100% Passwordless Authentication

This case study outlines RSA Security's initiative to achieve 100% passwordless authentication for its workforce by deploying its own identity and access management platform, RSA ID Plus. The document details the challenges faced during this transition, including the complexities of integrating passwordless solutions within the existing identity ecosystem. RSA discovered various operational realities, such as the need for new user enrollment processes that did not rely on passwords and the importance of addressing help desk verification methods to prevent social engineering attacks. The study further explains the phased approach RSA took to implement passwordless authentication, highlighting the significance of organizational readiness alongside technological deployment. It emphasizes the lessons learned regarding user behavior, the necessity of providing familiar fallback options during the transition, and the effectiveness of creating a clear deadline for mandatory adoption. The insights gained from RSA's experience are intended to assist other organizations in navigating their own passwordless deployment journeys.