SC Magazine Market Focus: Moving from MFA to Passwordless

Back to Blog
August 01, 2017
SecureAuth

 

Our recent survey, conducted in conjunction with SC Magazine, shows that organizations are moving towards a passwordless future. The results show that while 36% of IT decision makers believe they will no longer rely on passwords 5 years from now, concerns remain around the complexities involved with rolling-out across the enterprise, yet they recognize the benefits of a passwordless strategy.

The problem with passwords

According to the latest Verizon Data Breach Investigations Report, 81 percent of hacking-related breaches leverage stolen or weak passwords – up from 63 percent in 2016. Despite the approximate $80 billion spend in cybersecurity, our survey shows that 50 percent of organizations are using password-only solutions today and 14 percent think they will be still using password-only in 5 years from now.

The reality is that users not only keep passwords simple, but they also continue to reuse them across multiple sites. And while no system is 100 percent secure, our reliance on the password as a primary method of authentication is making it too easy for cybercriminals to compromise credentials and use them to their advantage.

Organizations have attempted to mitigate password risk by implementing stronger password complexity and requiring more frequent password changes. While valiant efforts, these approaches increase helpdesk costs and user frustration, and most importantly, they are not enough. They cannot deliver the security organizations need.

There is no denying that we need to remove our dependency on passwords, but what would that look like?

 

Organizations recognize the benefits to passwordless

In the passwordless future, compromised credentials are useless to attackers; there are fewer daily disruptions for users; users spend less time logging in, and there are no time-consuming and costly password reset calls. Organizations recognize the benefits of going passwordless – 57 percent of respondents say eliminating the risk of stolen credentials being used by attackers is a benefit, and 56 percent say removing the human factors is another benefit. Respondents also said productivity improvements (45 percent), eliminating requirements for complex passwords (40 percent) and eliminating costs (36 percent) are benefits of going passwordless.

SecureAuth’s passwordless authentication provides greater identity confidence with a better user experience. No password means no password resets, ultimately leading to happier users and cost savings. Calculate your savings using our password reset savings calculator.

 

So, what can you do?

While organizations may anticipate a passwordless future, many respondents say there are concerns with a passwordless strategy. Standing in their way are the concerns of the ability to roll-out across all apps and resources (23 percent), user adoption (17 percent), as well as impact to compliance (12 percent). The survey shows that IT professionals also have concerns about user willingness.

While there is sound cause for pause, passwordless will not happen overnight. However, organizations can strengthen their security posture by putting adaptive authentication techniques in place today that reduces reliance on passwords while laying the groundwork for a passwordless future. Nearly half (46 percent) of respondents trust multi-factor authentication method, layered with a fingerprint biometric and adaptive risk-based analysis, and a lowly 10 percent would trust a password.

Environments in the enterprise are complex, and while passwordless offers improved security and user experience, many organizations are not quite ready to make the jump. Organizations that are going to keep the password, should add additional layers of security such as two-factor authentication and adaptive authentication, at the very least. It’s time for organizations to recognize that a password-only solution is not a secure option, and shouldn’t be an option at all.

Passwordless is a journey and it can start with adding adaptive authentication today.

Read the full article here: SC Magazine Market Focus: Moving from MFA to Passwordless

 

Never Miss a Beat
Subscribe to Our Blog

SecureAuth Identity Platform Adaptative Authentication

Identity and Access Management

Empower your digital initiatives with secure access for everyone and everything connecting to your business

Product Features

Adaptive Authentication

Extend verification of a user identity with contextual risk checks

Multi-Factor Authentication

Leverage a broad portfolio of authentication factors for desktop and mobile

Intelligent Risk Engine

Protect your identities with advanced risk profiling analytics

Single Sign-On

Provide app discovery and one-click login through portal or desktop SSO

User Lifecycle Management

Enable admins with strong CRUD capabilities and users with self-service tools

Secure All Identities

CIAM

Customer Identities

Deliver a frictionless customer experience safeguarding user data and privacy

B2E

Workforce Identities

Govern and control access rights for employees, partners, and contractors

Moving Beyond Passwords

Learn how passwords alone no longer provide the appropriate level of protection, nor confidence, required to secure valuable resources

Initiatives

Passwordless Authentication

Reduce the risk of breaches by eliminating passwords

2FA is Not Enough

Block popular phishing and brute force attacks used by bad actors

Protecting Office 365

Extend adaptive authentication and flexible MFA to all apps including Office 365

Securing Portals and Web Apps

Balance strong security and an exceptional user experience

RSA Migration

Transition to a modern identity and access management solution

Industries

Healthcare

Financial Services

Retail

Energy and Utilities

Public Sector

Resources

White Papers

eBooks

Recorded Webinars

Analyst Reports

Innovation Labs

Documentation

Support Portal

Events & Webinars

Events

Webinars

Calculate Your Savings

Lower support costs by enabling your users the control to reset passwords, account unlocks, device enrollment and update profiles

Meet SecureAuth

About SecureAuth

Leadership

Newsroom

Careers

Contact