Andy Ellis

We need something a little bit better.

They were originally meant for groups, not individuals.

But here's, I think the thing I'm really tired of hearing, which is thinking about authentication of a human.

Most of us do not employ humans.

We employ... No, I'm not even talking about the non-human identity problem.

Oh, okay.

But the user that works for you is a user plus a set of devices.

And we keep talking about authenticate the human.

And what we should be talking about is how are you authenticating this set of the human and their devices?

Like the devices should authenticate the human, but over the network, I can't authenticate the human.

I can only authenticate the set.

And we need to talk more about these sets, whether we want to call them cyborgs or centaurs or like the aircraft carrier commanded by the human, whatever you want.

That's what I want to hear more about.

Yeah.

I mean, there's lots of ways, right?

Then this is the problem, which is that goes back to trying to validate that it really is the human.

And there is a space that just to be very clear, like identity proofing, especially in the consumer world, very critical.

But in the enterprise world, like here's the question that I'm going to have for all of our listeners, which is really simple.

How many of your engineers ever will log in from any machine that you don't already know which machine it is?

Like they have their laptop.