2 min

Tags in this article

, , , ,

Stytch introduced a new password-based authentication solution. According to the company, a whopping 85 percent of IT and security experts don’t believe passwords are entirely going away just yet.

Stytch develops an API-first authentication platform. Over the past two years, the company focused on passwordless authentication solutions. That changes with ‘Passwords’, a new solution that should help businesses move towards passwordless without abandoning passwords altogether.

Innovations in a new solution

According to a blog post by Stytch’s team, the architecture of password-based authentication hasn’t progressed all that much over the past decades. The team realized that if it were to dive into passwords, it would need to build a brand-new solution to enhance both security and user experience.

The solution features four integration for that purpose. First, there’s ‘HaveIBeenPwnd’, a service that enables Internet users to determine whether data breaches have exposed their personal information. Stytch checks HaveIBeenPwnd each time a user signs in with a password and initiates a password reset if a breach is discovered.

The second integration is ‘Strength analysis’. Stytch employs Dropbox’s zxcvbn password strength calculator, which offers a customizable strength evaluation based on a password’s resistance to current password guessing methods.

‘Safe account de-duplication’ comes third. Stytch safely de-duplicates accounts by email independent of the login mechanism, enabling users to switch their authentication method when logging into an app without unintentionally generating additional accounts.

Lastly, there’s two integration options for password resets. Customers have the choice of integrating a traditional password-reset email OR integrating a password reset via Email Magic Link for a smoother experience if people only need to access their account and do not want to change their password.

Target audience

The company is trying to cater to enterprises that already have authentication systems but want to be passwordless without introducing tech that is too new or too disruptive to users. Stytch isn’t picking a single demographic. It aims to cater to everyone instead.