Replacing passwords with two-factor authentication frameworks to identify end users is not one of those IT trends that will occur overnight. In fact, passwords may never be replaced completely given the number of legacy applications that make use of them.
But that doesn’t mean that progress can’t be made. This week at the Mobile World Congress 2016 conference, VMware and Twilio announced that VMware will embed support for the Authy 2FA authentication service directly within VMware Identity Manager software.
Marc Boroditsky, vice president of authentication for Twilio, says IT organizations that make use of VMware will no longer have to go to the trouble of setting up their own two-factor authentication service. Instead, they will be able to invoke an Authy 2FA authentication service that VMware has tapped into using a simple set of application programming interfaces (APIs).
Last year, Twilio added authentication services to its portfolio by acquiring Authy. Boroditsky says the basic idea is to use APIs to make it simpler for developers to add two-factor authentication to their applications. Boroditsky says that Twilio is under no illusion that passwords are going away any time soon. But as far as new applications are concerned, two-factor authentication provides a superior approach to verifying end-user identities.
Perhaps best of all, two-factor authentication significantly reduces the amount of time and energy that internal IT organizations spend managing passwords that most end users either can’t remember or make too simple to be an effective means of providing security.
APIs can make implementing two-factor authentication a lot simpler for many IT organizations. But no matter how much IT departments might wish otherwise, there’s always going to be some password-using legacy application that simply won’t fade away.