Today around the world people are remembering password hygiene to protect their digital identities and it is time we make it World Passwordless Day. Recently, the State of Authentication Report 2023, based on results from 285 IT and security professionals on the latest MFA and passwordless authentication trends, provides compelling data for security professionals and consumers to transition to passwordless continuous authentication methods. So, how can we make it practical for organizations to implement passwordless solutions and ensure identity security? Organizations are keenly aware that keeping passwords and user credentials safe is not a sufficient defense against the advanced threat vectors constantly evolving by cybercriminals. We need to kill passwords and legacy MFA altogether.
ViB Research independently conducted research for the State of Authentication Report 2023 to get the latest authentication trends. As user credentials continue to be a top vector for cyberattacks, organizations are under tremendous pressure to rethink the effectiveness of current authentication initiatives. The report illustrates that IT and security professionals are seriously worried about the security risks of traditional MFA, with 55% reporting that relying on one-time passwords (OTP) using texts and phone calls leaves them open to cyberattacks. Only an alarming 5% of respondents are very confident that traditional MFA can combat credential-related cyberattacks, while 40% are somewhat confident. An additional 21% feel traditional MFA cannot be used as an effective hacker deterrent because user adoption rates are too low. And over half of those surveyed are either not sure or concerned that their organization will lose cyber insurance coverage if they continue with traditional MFA.
Authentication Security is a Top Priority
- 84% of respondents consider authentication and access management as a top 5 security priority.
- This demonstrates the importance of authentication and access management for IT and security teams.
- When asked about moving to a passwordless environment, a whopping 65% are planning on implementing passwordless technologies in the next 24 months. Nearly a third are planning to do so in the next six months, and another third are looking at the 12-24 month horizon.
Threats and Risks of Passwords
Passwords will be hacked and traditional MFA solutions are easily exploitable with MFA bombing, man-in-the-middle attacks and credential theft with numerous account takeovers. Our research validates that it is time for a radical approach to move beyond legacy password-based biometrics, MFA and certificates to secure data, apps and systems. Threat actors have access to billions of harvested user credentials from digital consumers around the world. Innovation technologies, such as Arculix, a next-gen passwordless continuous authentication solution, that treats authentication as a continuum is critical for defending against the most sophisticated attacks.
Practical Advice to Move to Passwordless and Invisible MFA:
Fortify your passwordless approach with invisible MFA. The next-generation authentication approach utilizes authentication across the entire enterprise and knows when to send notifications and when not to. A passwordless continuous authentication solution simplifies audits, eases user experience and eliminates passwords while enabling hack-proof MFA. Enterprises must leverage a risk-based engine driven by AI/ML behavioral modeling. Device trust is equally critical in a passwordless continuous approach as it combines users’ mobile, desktop, laptop, server, and user experience in a unified way. Never remember a password again with Universal Authentication Fabric as it ensures that the first login to authenticate yourself is the only one all day. SecureAuth’s passwordless continuous technology analyzes user identity and uses behavioral modeling to infer whether a user is a threat before authentication, during authentication and post-authorization. Ask for a demo of Arculix today and celebrate passwordless continuous authentication.
About Donovan Blaylock II, Director of Solutions Engineering
As Director of Solutions Engineering, Donovan Blaylock manages the technical sales & engineering team at SecureAuth that builds and leads successful pre-sales in Identity Security and Passwordless Continuous Authentication. His leadership and expertise in consulting, sales, and product management implements identity architecture that is aligned with successful business results. Donovan brings more than 20 years of experience in identity and access management as a practitioner, product developer, deployer of long-term product strategy, and a business development leader helping organizations looking for the right solution in identity governance and administration, Multi-factor Authentication, Adaptive and Contextual Authentication and Risk-Based Analysts. His in-depth knowledge of the competitive landscape and solutions in Identity Access, Governance, Security and Automation has made him a trusted advisor. Previously, he was the lead consultant at Trace 3’s IAM practice. He was also at SailPoint for seven years as Chief Technology Evangelist and Healthcare account manager. As a Senior Federal Sales Engineer at Attachment and NetIQ he developed technical channel partner programs. He held prestigious positions at USAF Technical Liaison to INOSC East and USAF Technical Liaison to Air Combat Command EDS. Donovan’s focus is machine learning and artificial intelligence identity security, cloud access (IaaS & SaaS), data access (both cloud and legacy prem), Ai access automation, ITSec Governance and Audit, and Identity Access programs from launch to maturity. As a veteran technology speaker on identity and security, he inspires audiences with go-to-market strategies and helped them achieve their security goals and transform their organizations to drive market growth. He graduated from George Mason University.