The IT department seeks an authentication method that eliminates passwords while verifying users' identities. Which method should they choose?

The chosen method of passwordless authentication effectively addresses the goal of eliminating passwords while still ensuring that users' identities are verified. Passwordless authentication utilizes various alternatives such as biometrics, security tokens, or magic links sent to registered devices, thus removing the need for traditional password entry.

This approach not only enhances security by reducing the risk associated with password theft, guessing, or phishing but also improves user experience, as users do not have to remember and manage complex passwords. By leveraging methods such as biometrics, users can authenticate using their unique physical characteristics (like a fingerprint or facial recognition), or by using secure devices that store cryptographic keys.

In contrast, the other methods mentioned do have their advantages but do not fully align with the requirement to eliminate passwords. Two-factor authentication still requires a password along with an additional verification method. Biometric authentication, while secure, often works in conjunction with passwords as part of a multi-layered approach. Smart card authentication also requires a physical card and potentially a PIN, which still involves a form of password-based security.

Therefore, passwordless authentication stands out as the most fitting choice for organizations aiming to enhance security by completely eliminating the need for passwords.