Password issues are still a constant struggle for organizations. The amount of time IT teams spend managing user passwords and credentials is increasing every year.
An Organization has released the findings of a new report that surveyed 750 IT and security professionals. The aim was to understand better the current state of password usage in organizations and how the new normal drives the development of passwordless authentication models.
The From Passwords to Passwordless report was created in collaboration with a company based in the United Kingdom. It shows the urgent need to address password issues as remote work becomes the new normal.
The global study underlines that the shift from traditional passwords and the associated risks to passwordless authentication continues to increase and is made even more important by the current remote work worldwide.
Passwords aren’t going away entirely, according to the report, but 92% of respondents believe deploy passwordless authentication is the future of their Company or organization.
Passwordless authentication reduces password-related risks by allowing users to sign in to devices and applications without entering a password.
Technologies such as biometric authentication, single sign-on (SSO), and federated identity streamline the user experience for staff within an organization while maintaining a high level of security and ample control for IT and security teams.
Organizations Still Have a Password Problem
Password issues are still a constant struggle for organizations. The amount of time IT teams spend managing users’ passwords and credentials has increased every year. In fact, respondents say the weekly time spent managing user passwords has increased by 25 percent since 2019.
With this in mind, most IT and security professionals (85 percent) believe their organization should try to reduce the number of passwords individuals use daily. Additionally, nearly all respondents (95 percent) say there are risks associated with using passwords.
They can lead to threats in your organization, especially human behavior that manifests itself in password reuse or weak password design.
Security priorities are at odds with handler experience
Security is a key challenge for IT teams when it comes to handling an organisation. Employees, however, are primarily concerned with the lack of comfort and user-friendliness, which is usually associated with the issue of security.
It is, therefore, also the main source of frustration for the IT department, especially when problems in managing passwords are derived from user behavior.
The top 3 frustrations for IT teams include users,
· who use the same password across applications (54 percent),
· have forgotten their passwords (49 percent) and
· the time spent on password management (45 percent).
For employees, the problem lies in convenience. The three biggest frustrations are
· regularly changing passwords (56%),
· remembering several passwords (54%) and
· typing long, complex passwords (49%).
Security and risk elimination as key benefits for passwordless authentication
Improved security (69 percent) and elimination of password-related risks (58 percent) are seen by respondents as the top benefits of deploying a passwordless authentication model for their organization’s IT infrastructure.
Time (54 percent) and cost savings (48 percent) are also cited as benefits of passwordless authentication. Meanwhile, a passwordless authentication model would help employees solve efficiency problems.
More than semi (53%) of respondents say passwordless authentication has the potential to enable convenient access from anywhere, and this is critical given the shift to remote work.
Cost, Regulations and Time as the Top Challenges in Implementation
While not requiring a password can provide a more secure authentication method, there are challenges in adopting a passwordless model. Respondents cite the initial financial investment required to migrate to such solutions as their organisation’s biggest challenge (43 percent).
But regulations for storing the data needed (41 percent) and the initial time required to migrate to new methods (40 percent) are also major hurdles.
There are also some concerns about resistance to change. Three-quarters of IT and security professionals (72 percent) think end-users in their organization prefer password reuse because they are used to it.
Passwords don’t Disappear Totally
85% of respondents agree that passwords will not go away entirely when it comes to identity and access management. Still, more than nine in ten respondents (92 percent) believe that providing end-users with a passwordless experience is the future of their business.
There is a clear need to discover a solution combining passwordless authentication and password management in today’s organizations.
Passwordless login: This is what the tech companies are planning
Apple, Google, and Microsoft unanimously declared their aim to upgrade Fido 2 by 2023 at the start of May 2022. On various devices, including recently purchased ones, users should be able to automatically access data without having to log in again for each account.
Additionally, logging into an app or website on another nearby device should be possible using a mobile device as an authenticator.
No matter the operating system or browser, this is true. Microsoft has already presented passwordless login for the Outlook internet version and for its gaming Xbox Live. It can be permitted in the advanced security settings of the Microsoft account.
Furthermore, at the very least, Dropbox, Google, or Twitter support Fido 2 as an additional factor via USB token, app, or SMS. This is even if it is not usually Fido 2 but rather a security key or passkey.
The world is slowly moving towards passwordless as the risk of online threats never seems to stop. In such a situation, you need to ensure that you are developing applications equipped with the latest technologies to help your users reduce the chances of being attacked and promote your product.
“As many organizations transition to a long-term culture of remote work, it’s more important than ever to give employees the tools and resources to be safe online, both in their personal life and when working from home.
“The report highlights the ongoing challenge that organizations face when it comes to password security. It shows the need for a passwordless authentication solution that enables both IT teams and employees to work more efficiently and securely in the new normal.