Password Security, by the Numbers

Cybersecurity Survey
Back to Blog
August 27, 2016

In the last few years it’s become clear that words like “cybersecurity” and “cyber attacks” are no longer just buzzwords, but have become cultural norms with record-high numbers over the last two years. After headline breaches such as Target and Ashley Madison, companies are coming to terms with the impact these attacks have on their bottom line.

With cybersecurity taking on new urgency, Wakefield issued a survey commissioned by SecureAuth in order to gauge current security strategies and pain points. This survey of more than 200 IT security professionals in the U.S., explores organizational cybersecurity spend, and attitudes towards both the traditional password and password alternatives. The survey dives into what keeps IT professionals up at night, highlighting market pressures that tend to get in the way of prioritizing proactive cybersecurity. Additionally, the results shed light on barriers organizations face in protecting critical data and infrastructure.

The largest statistic of the survey states that 95% of respondents believe their companies will increase security spending in the next year. Of that number, nearly half (44%) expect to do so by more than 20%. This can be explained when you consider that 59% of professionals surveyed said their company experienced a data breach in the last 12 months.

With those types of numbers, it is easy to see why cyber attacks have become a cultural norm. The good news? Organizations are exploring alternative authentication methods since traditional security measures (like username and password) are no longer strong enough. Organizations such as Amazon, eBay and the Office of Personnel Management OPM can speak to the gravity of stolen credentials as seen by their headline databreaches. Needless to say, skepticism about passwords is real – as evidenced by the 91% of cybersecurity professionals who believe traditional password will not exist in ten years.

Challenging the security status quo doesn’t mean this change will happen overnight. Even though respondents expressed faith in new methods of authentication, many still haven’t made the jump. According to the survey findings, more than 1 in 3 (34%) of cybersecurity pros work for companies that do not utilize authentication methods beyond passwords. Some of this may be chalked up to a business environment that tends to reward crowd-pleasing, quick to market products – even if they are insecure. There also remains the perception that security solutions negatively impact employee productivity, with 87% of respondents reporting their company is frequently forced to choose between user experience and greater security.

What else might be responsible for driving the exploration of new authentication technologies? Password recall.

Industry experts also recognize challenges accompanying traditional passwords. In a recent ZDNet article, John Fontana discussed how cyber attacks over the past few years have called into question the effectiveness of passwords. As seen with the recent LastPass cyber attack, cybersecurity techniques are becoming increasingly sophisticated. Cybercriminals now use advanced malware and phishing techniques to fool users into handing over their passwords, email or personal identifiable information (PII).

Fortunately, organizations looking to move beyond single-factor authentication have a wealth of alternatives at their disposal. 97% of survey respondents believe new authentication techniques are reliable (such as fingerprint scans or Two-Factor Authentication) leaving hope for the new cultural norm of headline data breaches to become less common.

Companies must be proactive about combatting compromised credentials and emerging threats. For more information on our survey findings, visit our news page. To find out more about SecureAuth™ IdP, request a demo or investigate how SecureAuth has helped other organizations determine identities with confidence,

Never Miss a Beat
Subscribe to Our Blog

SecureAuth Identity Platform Adaptative Authentication

Identity and Access Management

Empower your digital initiatives with secure access for everyone and everything connecting to your business

Product Features

Adaptive Authentication

Extend verification of a user identity with contextual risk checks

Multi-Factor Authentication

Leverage a broad portfolio of authentication factors for desktop and mobile

Intelligent Risk Engine

Protect your identities with advanced risk profiling analytics

Single Sign-On

Provide app discovery and one-click login through portal or desktop SSO

User Lifecycle Management

Enable admins with strong CRUD capabilities and users with self-service tools

Secure All Identities


Customer Identities

Deliver a frictionless customer experience safeguarding user data and privacy


Workforce Identities

Govern and control access rights for employees, partners, and contractors

Moving Beyond Passwords

Learn how passwords alone no longer provide the appropriate level of protection, nor confidence, required to secure valuable resources


Passwordless Authentication

Reduce the risk of breaches by eliminating passwords

2FA is Not Enough

Block popular phishing and brute force attacks used by bad actors

Protecting Office 365

Extend adaptive authentication and flexible MFA to all apps including Office 365

Securing Portals and Web Apps

Balance strong security and an exceptional user experience

RSA Migration

Transition to a modern identity and access management solution



Financial Services


Energy and Utilities

Public Sector


White Papers


Recorded Webinars

Analyst Reports

Innovation Labs


Support Portal

Events & Webinars



Calculate Your Savings

Lower support costs by enabling your users the control to reset passwords, account unlocks, device enrollment and update profiles

Meet SecureAuth

About SecureAuth