I am excited to join HYPR as VP of Engineering. Why did I decide to join the passwordless company? Well, there are a lot of good reasons, including new additions to my black t-shirt collection, but seriously, the key one is that HYPR is laser focused on eliminating passwords for authentication, and I want to be part of that revolution.
So, why is a passwordless world a big deal? It boils down to security and usability.
Passwordless as Security
The single biggest security issue in the digital world concerns the continued use of passwords for authentication to websites, machines, apps, bank accounts, and so forth. This is a major security issue because passwords are stolen en-masse through breaches. Identities are compromised through passwords-based hacking techniques such as credential stuffing, brute-force, social engineering, and phishing. Passwords are as a result a poor and out-dated form of security.
Usability as Security
The biggest usability or user experience (UX) barrier for access to online services is passwords. I have passwords for dozens of systems. I get reminded and forced to change my password regularly. I continually request password resets when I fail along with most people to keep track of new passwords to new websites I sign up for. I type in passwords at least 50 times a day, and even with things like password managers or “lockers” that may somewhat improve credential safety and usability, it still interrupts my productivity and flow of work. Nothing about passwords is usable.
HYPR solves the password problem at its core, by completely eliminating passwords altogether. Without going too much into too much technical detail, HYPR leverages key proven building blocks:
1) Your mobile phone – using its native biometric capability to identify you.
2) Public Key Encryption (PKE) to authenticate you.
3) Modern UX techniques to ensure when you access a site or service, the authentication experience for you is safe, secure and frictionless.
4) HYPR builds upon and contributes to the FIDO standard which is supported by industry leaders such as Apple, Google, Microsoft, and Samsung to expand adoption.
To underscore the severity and scope of the password problem, Akamai reported in its State of the Internet report in 2019 that within a 16-month period nearly 57 billion malicious login attempts were detected and over 6% of those were directed at the financial sector. This is a multi-billion dollar problem. A passwordless MFA solution like HYPR, prevents attackers from reusing credentials harvested from previous breaches. It also means they can no longer attempt credential stuffing attacks and achieve large-scale breaches because passwords have been phased out. My mission with the team at HYPR is to make passwordless technology mainstream, where we support billions of safe, secure authentications every day for people worldwide.
I’ve had the privilege to be part of five VC-backed startups over my career, and in all cases, I placed all of my energy into building great teams, products, and solving real world problems — at scale. I look forward to doing the same and more with the passwordless technology at HYPR and my new amazing team. Let’s get to work!