Skip to content

Trimble Identity and Passwordless Authentication

Trimble Identity (TID) is the centralized authentication service that provides single sign-on capability and handles the responsibility of authenticating the identity of the users across multiple products and APIs. Introducing passwordless authentication in Trimble Identity, offers the following benefits:

Streamlined Field User Experience

Field users often work in environments and devices with small form factors where the traditional password-based authentication is less than ideal:

  • A Truck Driver trying to get to the next delivery location
  • A Construction user with gloves using a field device to login to a Trimble app

It is crucial to provide a secure yet seamless authentication process. Passwordless authentication offers the following key advantages:

Accessibility and Efficiency

Passwordless authentication using security keys or biometrics enable quick and easy authentication, allowing field users to access Trimble’s applications promptly without recalling complex passwords.

Easy Device Handoff

Passwordless authentication using a mobile phone or security key allows field workers to securely access Trimble’s applications across multiple devices, ensuring easy continuity. This becomes important where the devices are shared across multiple users in the field.

Enhanced Security

Passwordless authentication offers security benefits that reduce the risks associated with passwords, such as password reuse across multiple accounts, phishing and credential stuffing using automated tools.

No Shared Secrets

Traditional authentication relies on shared secrets (passwords) stored on servers, making them susceptible to breaches and insider threats. Passwordless authentication does not require the storage of any shared secrets, significantly reducing the risk of data exposure.

Understanding Passwordless Authentication

Passwordless authentication represents a paradigm shift in verifying user identity without relying on traditional passwords. Instead of requiring users to remember and enter passwords, passwordless methods leverage other secure factors that include:

Biometric Authentication

Biometric authentication methods, such as fingerprint or facial recognition, verify users based on unique physical attributes. These are difficult to replicate, offering a secure and user-friendly way to authenticate. Users can leverage the biometric capabilities in modern smartphones and use it as a trusted device to authenticate and access a wide range of devices and applications securely.

Security Keys

Security keys are physical devices that users can plug into their mobile devices to prove their identity. Security keys can also be enabled with Near Field Communication (NFC) and can communicate wirelessly with other devices making the authentication process even more convenient.

One of the key technologies enabling Passwordless Authentication is WebAuthn (Web Authentication) which is an open standard developed by the World Wide Web Consortium (W3C) and supported by the FIDO (Fast Identity Online) Alliance. It has garnered widespread support from major technology leaders, including Microsoft, Google, AWS and Apple. This strong support underscores the credibility and potential of this open standard.