Type CMS has been updated to support passkey authentication, providing users with a more secure and convenient way to access the platform. Passkeys offer a passwordless login experience, leveraging public key cryptography to enhance security while simplifying the authentication process. This update reduces the reliance on traditional passwords, minimizing the risk of unauthorized access and improving overall user experience.
How Passkeys Work
- Public and Private Key Pair: When a passkey is created, the user’s device generates a pair of cryptographic keys: a public key and a private key. The public key is stored on the server, while the private key remains securely on the user’s device.
- Authentication Process: During login, the server sends a challenge (a random piece of data) to the user’s device. The device uses the private key to sign this challenge and send it back to the server. The server then verifies the signature using the stored public key. If the verification is successful, the user is authenticated.
- Device-Based Security: The private key is typically stored in secure hardware on the user’s device, like a Trusted Platform Module (TPM) or a Secure Enclave, making it difficult to extract or compromise.
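The challenge and signature exchange described above, as an added example (not Type CMS code) using Node's built-in crypto module. It simplifies WebAuthn, where the signed data also covers the site origin and authenticator data. The function names and the in-memory server object are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Hypothetical in-memory server state: stored public keys and outstanding challenges.
function newServer() {
  return { publicKeys: new Map(), pending: new Map() };
}

// Registration: the device creates the key pair; only the public key goes to the server.
function registerPasskey(server, userId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  server.publicKeys.set(userId, publicKey);
  return { userId, privateKey }; // stays on the device (TPM or Secure Enclave in practice)
}

// Login step 1: the server issues a fresh random challenge and remembers it.
function issueChallenge(server, userId) {
  const challenge = crypto.randomBytes(32);
  server.pending.set(userId, challenge);
  return challenge;
}

// Login step 2: the device signs the challenge with its private key.
function signChallenge(device, challenge) {
  return crypto.sign("sha256", challenge, device.privateKey);
}

// Login step 3: the server verifies the signature with the stored public key.
function verifyLogin(server, userId, signature) {
  const challenge = server.pending.get(userId);
  const publicKey = server.publicKeys.get(userId);
  if (!challenge || !publicKey) return false;
  server.pending.delete(userId); // single use: a captured response cannot be replayed
  return crypto.verify("sha256", challenge, publicKey, signature);
}

// Constructed demo: one valid login, two replay attempts, one login with the wrong key.
function demo() {
  const server = newServer();
  const device = registerPasskey(server, "alice");
  const sig = signChallenge(device, issueChallenge(server, "alice"));
  const firstLogin = verifyLogin(server, "alice", sig);
  const replayNoChallenge = verifyLogin(server, "alice", sig); // challenge already consumed
  issueChallenge(server, "alice");
  const replayNewChallenge = verifyLogin(server, "alice", sig); // old signature, new challenge
  const other = registerPasskey(newServer(), "alice"); // a different key pair
  const wrongKey = verifyLogin(server, "alice", signChallenge(other, issueChallenge(server, "alice")));
  return { firstLogin, replayNoChallenge, replayNewChallenge, wrongKey };
}
console.log(demo());
```

Because the server only ever holds the public key and each challenge is accepted once, neither a server-side database leak nor a recorded login response is enough to sign in.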
Benefits of Passkeys
- Enhanced Security: Passkeys are resistant to common attacks like phishing, credential stuffing, and brute-force attacks since there’s no password to steal or guess.
- Ease of Use: Users don’t need to remember complex passwords or use password managers. Authentication is often seamless, using biometrics (like a fingerprint or face scan) or a device PIN.
- Cross-Platform Compatibility: Passkeys can work across various devices and platforms, and they are designed to be used with existing standards like FIDO2 and WebAuthn.
Passkeys are being promoted by major tech companies, including Apple, Google, and Microsoft, as part of a broader move toward passwordless authentication. They are already being integrated into various operating systems, browsers, and services, making it easier for users to adopt this more secure authentication method.
To enable Passkeys on your account, follow these steps:
- Sign into your organization
- Click on your user icon / name in the top navigation
- Select "manage account"
- Once the account modal is displayed, select "Security" in the left rail
- Now select "Add a passkey" and follow the steps to set up your passkey