We’ve introduced a new feature in Protectimus Dynamic Strong Password Authentication (DSPA): Passwordless Authentication. With this option, administrators can set up login with OTPs only. This removes the risks linked to static passwords while keeping authentication strong and simple for users. In this article, we’ll explain how Protectimus DSPA works by default, what changes with the new “Allow Passwordless” option, and when it makes sense to use passwordless authentication in your systems. Get Started with Protectimus DSPA How Protectimus DSPA Works by Default Protectimus Dynamic Strong Password Authentication (DSPA) solution integrates directly with user directories such as Microsoft Active Directory, LDAP, or any other supported database. It appends a six-digit one-time password (OTP) to each user’s static password. The six digits are generated using the TOTP algorithm and change at fixed time intervals. This makes the final password look like: P@ssw0rd!767815 Here, P@ssw0rd! is the static part, while 767815 is the dynamic OTP that constantly refreshes. Administrators can define how often the OTP changes – from every 30 seconds to longer intervals (the interval must be a multiple of 30). The change frequency can be set individually for each user, and administrators can also choose which groups require DSPA protection and which do not. Importantly, only the last six digits are updated according to the configured schedule, keeping management simple and predictable. In practice, user authentication works like this: to log in, users enter their fixed password and the six-digit OTP together as one string. OTPs can be generated with the Protectimus SMART mobile app, via chatbots in Telegram, Viber, or Facebook Messenger, or using hardware tokens supported by Protectimus DSPA. | Read also: Two-factor authentication for Windows 7, 8, 10 What Changes with “Allow Passwordless” With the “Allow Passwordless” option turned on, users log in only with one-time passwords (OTPs). Static passwords are no longer part of the process. Instead of using a permanent password along with an OTP, authentication depends entirely on dynamic codes that change with each login attempt. This method makes the user experience simpler while also greatly improving security. Weak, reused, or stolen passwords, which are a common cause of breaches, are completely eliminated. At the same time, OTPs make sure that every login is confirmed with a unique, time-limited credential. Administrators can choose how widely to apply this setting. Passwordless authentication can be enabled for all accounts to create a consistent login process across the organization, or it can be activated only for specific users and systems where minimizing password risks is particularly important. Advantages of Passwordless Authentication Mode Passwordless authentication with Protectimus DSPA brings a range of benefits for both users and administrators: Simplified User Experience. Users don’t need to remember complex passwords or update them regularly. Logging in with a single OTP makes access faster and easier while still keeping accounts secure. Reduced IT Overhead. Fewer password-related support requests and resets mean IT teams can spend less time managing credentials and focus on other priorities, all while maintaining strong security. Lower Password Risks. Removing static passwords eliminates the threat of weak, reused, or stolen credentials. Every login relies on a time-based one-time password (OTP) that constantly changes and can’t be reused. Flexible Deployment. Administrators can enable passwordless authentication for everyone or only for specific users and groups, making it easy to tailor security policies to the organization’s needs. In short, passwordless authentication simplifies the login process for users without compromising security, providing organizations with a flexible way to protect their systems without relying on static passwords. | Read also: Authenticator App Protectimus SMART Updated – Now With Encrypted Cloud Backup When to Use Passwordless Authentication vs. Password + OTP Choosing between...