The best identity management advice right now

We've never been closer to getting pervasive, global identities. And with 2FA/MFA, you get all of the benefit with less of the risk.


Identity is the only security boundary that has ever mattered in computer security defense. Physical boundaries, firewall boundaries, security domains, forests, realms and virtual networks… none of those matter if a single logon credential that can access multiple domains is compromised.

Today’s identity solutions are able to access sometimes hundreds of thousands of different security domains using a single credential, but surprisingly can do so while decreasing overall risk. How is this possible?

Identity in the early days

In the early days of computers and networking, most people used a single logon name and password to access everything. This proved to be a very bad strategy, as the compromise of one computer could lead to a compromise of every other computer sharing the same logon credentials. Everyone was told to create a different password for every different system they accessed.

Identity mid-term

With most people now accessing dozens to hundreds of different password-protected resources, using different passwords for each resource required either writing them all down (a big no-no), using a password manager (which stored all the passwords and maybe also auto-logged people in as they visited all the different sites), or some sort of single sign-on (SSO) solution.

SSO solutions became fairly popular in the enterprise and password managers became fairly prevalent in the home user space. But both types of solutions have never worked across all security domains and platforms with a decent amount of consistency. A few broadly applying SSO solutions were created, tried and abandoned, such as Microsoft’s original Passport and the decentralized OpenID standard. None of the mid-term SSO solutions really took off despite all their promises of global use and acceptance.

To continue reading this article register now

The 10 most powerful cybersecurity companies