Implement passwordless authentication, for example, FIDO2 or certificate-based authentication, for both internal and external users.