Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >How Zero Trust Architecture is creating a passwordless society
    Technology

    How Zero Trust Architecture Is Creating a Passwordless Society

    Published by Jessica Weisman-Pitts

    Posted on April 7, 2022

    5 min read

    Last updated: February 8, 2026

    Add as preferred source on Google
    An individual using a laptop to demonstrate the shift towards passwordless authentication methods. This reflects the growing trend of Zero Trust Architecture in enhancing cybersecurity and information privacy.
    Woman logging into a laptop, emphasizing passwordless security concepts - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Tags:innovationsecuritytechnologyfinancial services

    By Jonas Iggbom, Director Sales Engineering at Curity

    The world is finally waking up to a passwordless future. For a long time, passwords have been the main form of authentication for both businesses and consumers, however, they have not been without issue or vulnerability. As we move forward, we can now look towards more secure solutions that facilitate the step away from traditional password-based security.

    One of the solutions that more and more businesses are looking towards is a Zero Trust Architecture (ZTA), which requires users to be identified more frequently. This removes the implicit trust and forces users to validate each stage of the digital experience. As this becomes more practical it allows room for alternative authentication methods.

    Phasing out passwords

    Storing passwords in clear text in a data store that applications can easily read and access is a bad idea. As the application will pass the clear text password between different components in the app, this allows for vulnerability that can be exploited by hackers in order to obtain the password.

    While the attraction to traditional passwords is understandable, their easy-to-remember model is a hacker’s dream. Modern computing power can easily be leveraged repeatedly to attempt to re-create the encrypted or hashed version of the password. Hackers can use a dictionary to feed the process with common words, making it even faster to crack trivial passwords. While more complex passwords may seem like a solid temporary solution, their lack of memorability leads to people writing these down, and regardless of where and how that’s done, it’s never a good idea. Password managers serve as an alternative, however they come with their own set of issues. A password manager must be protected somehow, usually with…a password. Password managers also typically require an application to be installed. Lastly, the copy and paste process between the password manager and the target application can be tedious.

    Moving towards Zero Trust

    Utilising a Zero Trust approach requires frequent identity verification. While all security professionals know that authentication determines a user identity, in a Zero Trust Architecture, services and applications need to verify who is requesting access to a resource at every access attempt.Using passwords would not be user-friendly or time-efficient for this ongoing verification. It requires the user to authenticate repeatedly,which is time-intensive, especially if complex passwords are used. Even with a password manager, retrieving the password from storage would require a lot of time and effort with every authentication.

    A token-based approach

    Tokens provide the robust authentication service needed to underpin a Zero Trust Architecture. The digital equivalent of a stamp on your wrist as you enter a nightclub that allows you to come and go all night long but becomes invalid the next day, tokens enable enhanced security with a seamless experience.

    A token-based approach to authentication can handle all the different types of use cases spanning from users accessing resources to services communicating with other services. It is scalable and highly flexible, allowing security architecture to handle both users and services and to vary the type of authentication required based on the value of the resources being accessed. For example, Multi-Factor Authentication may be required to increase security where super sensitive information is involved, whilst Single Sign On will play an important role in other less serious circumstances to ensure a smoother online experience as possible. This makes tokens the ideal method to use when it comes to API security and access control of microservices.

    Tokens also enable organisations to calculate the level of confidence in a given authentication, using additional inputs such as time of day, geo location, or risk score. If the score indicates an unacceptable level of risk, greater alerting, reporting and other additional factors may need to be invoked in order to raise the confidence level of the user’s identity.

    The use of tokens paves the way for fundamental frameworks for protecting APIs, such as OAuth and OpenID Connect. OAuth provides the foundation, allowing users to grant a third-party website or application access to their protected resources without necessarily revealing their long-term credentials or even their identity. OpenID Connect is an identity layer that sits on top of OAuth and handles identifying the user. Solutions that support these standards are usually straightforward and easy to integrate, providing several authentication options out of the box.

    With the common frustrations of forgotten passwords and poor password practices, passwordless authentication introduces a better, seamless experience eliminating the need for users to rely on the increasingly inefficient use of passwords. And with these solutions, the movement towards a passwordless world has finally gained some momentum. Organisations should move towards gradually implementing a Zero Trust Architecture in order to protect their resources, starting with critical resources and determining the requirements for strong authentication to strengthen their security – whilst, importantly, making the transition smooth for end users. That way, we’ll spend less time trying to remember which year we travelled to Mexico whilst furiously hitting ‘reset password’ and more time enjoying the content we’re attempting to access.

    Frequently Asked Questions about How Zero Trust Architecture is creating a passwordless society

    1What is Zero Trust Architecture?

    Zero Trust Architecture is a security model that requires strict identity verification for every person and device trying to access resources on a network, regardless of whether they are inside or outside the network perimeter.

    2What is OAuth?

    OAuth is an open standard for access delegation commonly used as a way to grant websites or applications limited access to user information without exposing passwords.

    3What is OpenID Connect?

    OpenID Connect is an authentication layer built on top of OAuth 2.0 that allows clients to verify the identity of end-users based on the authentication performed by an authorization server.

    4What are the risks of traditional passwords?

    Traditional passwords can be easily compromised through various methods such as phishing, brute force attacks, and poor password management, leading to unauthorized access to sensitive information.

    More from Technology

    Explore more articles in the Technology category

    Image for How Can AI-Powered Customer Support Improve Fintech Operations?
    How Can AI-Powered Customer Support Improve FinTech Operations?
    Image for Infosecurity Europe announces former Ukrainian Minister of Foreign Affairs, Dr. Dmytro Kuleba as headline keynote as 59% of cybersecurity leaders say geopolitics Is hindering European collaboration
    Infosecurity Europe Announces Former Ukrainian Minister of Foreign Affairs, Dr. Dmytro Kuleba as Headline Keynote as 59% of Cybersecurity Leaders Say Geopolitics Is Hindering European Collaboration
    Image for Showcasing Digital Leadership – Best Bank for Social Media 2026
    Showcasing Digital Leadership – Best Bank for Social Media 2026
    Image for Innovation Through Partnership: The Role of External Tech Teams
    Innovation Through Partnership: The Role of External Tech Teams
    Image for Nominations Open for Technology Awards 2026
    Nominations Open for Technology Awards 2026
    Image for Nominations Open for Innovation Awards 2026
    Nominations Open for Innovation Awards 2026
    Image for Archie earns industry recognition across G2, Capterra, and SoftwareReviews
    Archie Earns Industry Recognition Across G2, Capterra, and SoftwareReviews
    Image for The Bankaool Transformation: How a Regional Mexican Bank Became a Fintech Disruptor
    The Bankaool Transformation: How a Regional Mexican Bank Became a FinTech Disruptor
    Image for Submit Your Entry Today for Digital Banking Awards 2026
    Submit Your Entry Today for Digital Banking Awards 2026
    Image for Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Image for Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Image for Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    View All Technology Posts
    Previous Technology PostIs Your Small Business at Risk of Cyber Attacks?
    Next Technology PostHSBC Counterparty Credit Risk and Valuation Adjustments on Google Cloud Case Study