# Passwordless Authentication

In today's digital landscape, security is paramount. Passwordless authentication methods enhance security while maintaining user convenience.

***

## Benefits of passwordless authentication

* **Enhanced Security:** Reduces the risk of password-related attacks such as phishing, brute force, and credential stuffing.
* **Improved User Experience:** Eliminates the need to remember and manage multiple passwords.
* **Reduced IT Burden:** Lowers the number of password reset requests, freeing up IT resources.

***

## Recommended methods

### Single Sign-On (SSO) via SAML

SAML (Security Assertion Markup Language) is an open standard for exchanging authentication and authorization data between parties, particularly between an identity provider and a service provider.

**Benefits:**

* Centralized authentication process
* Streamlined user experience with one set of credentials

{% hint style="info" %}
See [Generic SAML Setup](https://github.com/verkada/Verkada-Support-Docs/blob/main/en/command/identity-providers/generic-saml-setup.md) for more information.
{% endhint %}

### Single Sign-On (SSO) via OIDC

OIDC (OpenID Connect) is an identity layer built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the end-user based on the authentication performed by an authorization server.

**Benefits:**

* Interoperability across different platforms
* Enhanced security features like token-based authentication

{% hint style="info" %}
See [Identity Providers](https://github.com/verkada/Verkada-Support-Docs/blob/main/en/command/identity-providers/generic-saml-setup.md) for OIDC setup guides.
{% endhint %}

### MFA

MFA is strongly recommended for all users using password-based authentication. We recommend using a passkey, security key, or a time-based one-time password (TOTP) app as your primary 2FA method. SMS as a 2FA option poses security risks and is not recommended.

{% hint style="info" %}
See [Two-Factor Authentication](https://help.verkada.com/command/security/authentication-overview/two-factor-authentication) for more information.
{% endhint %}

***

## Password resets

For scenarios where passwordless options are not available, users may need to reset their passwords. Admins have the ability to reset passwords for users within their organization.

{% hint style="info" %}
See the [Verkada Command Account FAQ](https://help.verkada.com/command/need-help/verkada-command-account-faq) for more information.
{% endhint %}