Passwordless Authentication

Overview of passwordless authentication methods for Verkada Command

In today's digital landscape, security is paramount. Passwordless authentication methods enhance security while maintaining user convenience.

Benefits of passwordless authentication

Enhanced Security: Reduces the risk of password-related attacks such as phishing, brute force, and credential stuffing.
Improved User Experience: Eliminates the need to remember and manage multiple passwords.
Reduced IT Burden: Lowers the number of password reset requests, freeing up IT resources.

Recommended methods

Single Sign-On (SSO) via SAML

SAML (Security Assertion Markup Language) is an open standard for exchanging authentication and authorization data between parties, particularly between an identity provider and a service provider.

Benefits:

Centralized authentication process
Streamlined user experience with one set of credentials

See Generic SAML Setup for more information.

Single Sign-On (SSO) via OIDC

OIDC (OpenID Connect) is an identity layer built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the end-user based on the authentication performed by an authorization server.

Benefits:

Interoperability across different platforms
Enhanced security features like token-based authentication

See Identity Providers for OIDC setup guides.

MFA

MFA is strongly recommended for all users using password-based authentication. We recommend using a passkey, security key, or a time-based one-time password (TOTP) app as your primary 2FA method. SMS as a 2FA option poses security risks and is not recommended.

See Two-Factor Authentication for more information.

Password resets

For scenarios where passwordless options are not available, users may need to reset their passwords. Admins have the ability to reset passwords for users within their organization.

See the Verkada Command Account FAQ for more information.

Last updated 15 hours ago

Was this helpful?