Passwordless shared access: what it means for frontline IAM teams

TL;DR: Security leaders increasingly view IAM as a productivity control as well as a security control, with 92% of organisations reportedly implementing or planning passwordless authentication, according to Imprivata. In critical industries, the real test is whether access can stay fast, accountable, and usable for shared workstations and frontline workflows.

NHIMG editorial — based on content published by Imprivata: Security leaders discuss optimizing identity and access management in critical industries

By the numbers:

• 92% of security leaders say their organizations have implemented or are planning to implement passwordless authentication.

Questions worth separating out

Q: How should security teams implement passwordless authentication for shared devices?

A: Security teams should pair passwordless authentication with device binding, session logging, and automatic reset so the next user starts from a clean state.

Q: Why do shared workstations create IAM governance challenges?

A: Shared workstations create governance challenges because multiple people use the same hardware across a shift, which blurs session ownership unless identity controls are explicit.

Q: What do organisations get wrong about passwordless access?

A: Many organisations treat passwordless as a user-experience upgrade instead of an access governance redesign.

Practitioner guidance

• Redesign shared-device login flows Replace repeated password prompts with passwordless access that still records who authenticated, on which device, and for which workflow.
• Make session reset mandatory Require automatic wipe-and-reset behaviour on shared workstations and shared mobile devices before the next user starts.
• Use context to tune assurance Apply risk-based authentication and device context to decide when to step up verification versus when to preserve continuity.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

• Frontline workflow examples showing how shared device access is handled in healthcare, government, and manufacturing
• The podcast discussion on balancing passwordless usability with security accountability across real operational settings
• Specific examples of how shared mobile access resets the device between users after each session
• The vendor's framing of how IAM can support productivity without weakening access control

👉 Read Imprivata's discussion of passwordless shared access in critical industries →

Passwordless shared access: what it means for frontline IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →