Passwordless authentication is a form of multi-factor authentication (MFA) that eliminates the need for a password. Instead of relying on something the user knows (like a password), passwordless authentication uses alternative methods to verify a user’s identity. These methods may include something the user has (such as a trusted mobile device or a hardware security key) and something the user is (like a fingerprint scan). Common use cases for passwordless authentication include employee (workforce) authentication and customer authentication. Organizations adopt passwordless authentication to enhance user experience—since many people forget or reuse weak passwords—reduce security risks from breached passwords, and lower the costs of password management by relieving help desks from handling frequent password resets. For a product to be categorized under Passwordless Authentication, it must authenticate users using FIDO-compliant authenticator apps, security keys/cards, or similar technologies. Products relying primarily on email or SMS-based authentication are excluded from this category due to their vulnerability to hacks. Likewise, a product that merely replays passwords is not considered passwordless—true passwordless solutions do not involve passwords at any stage. Some passwordless solutions may combine FIDO-compliant methods with biometric authentication, and may also offer fallback methods, such as voice, email, or SMS-based authentication, but these should only be available for situations where users are offline or lack cellular data access, rather than being the primary authentication method.