Passwords play an important role in protecting us in the digital age. For long we’ve been told to choose difficult combinations of numbers, letters and symbols and to have unique passwords for all accounts as a way to deter hackers. But creating and then remembering all of these passwords quickly became overwhelming as we stepped more into a fully digital life. Things like biometrics and multi-factor authentication have taken away some of the complications and help people feel more secure about access.
Now, research shows that the road to easier, more secure access is looking even brighter. Open source password manager Bitwarden surveyed 800 IT decision makers across a wide range of industries about password use and the move to passwordless technology in their organizations.
Passwordless Authentication uses a different form of evidence than having to enter an actual password or answer security questions. Instead, a fingerprint, proximity badge or other token is used to authenticate a user and grant access to an application or system.
Knowing the dangers of passwords and the need to be more secure, most IT leaders admit to reusing passwords, storing passwords on documents on their computer or just keeping them all in their memory (or trying to).
Businesses seem to be enthusiastic about the security benefits of passwordless technology as well as the improved user experience it can provide. Especially now, post pandemic when many companies are still trying to rebuild their IT practices for remote and hybrid work, having a better way to manage and secure how they access accounts is critical.
Almost two-thirds of IT decision-makers (66 percent) have at least one or two user groups or teams that are using passwordless technology. Another 13 percent have deployed it to their entire organization already.
“Businesses are looking beyond passwords and desire new technologies that reflect passwordless workflows, which shouldn’t come as a surprise,” said Bitwarden CEO Michael Crandell. “While strong and unique passwords are highly effective at safeguarding data, weak or re-used passwords that are not managed by an end-to-end encrypted password manager present serious vulnerabilities. The Bitwarden approach takes into account this evolution but also reflects that adoption timelines vary by company, technology, and end-user preference and that security remains the paramount goal for individuals and enterprises alike.”
When asked if their organizations had security protocols in place already, 80 percent of IT leaders now have a ransomware mitigation strategy and three-fourths have cyber insurance. Of the percentage that do, 65 percent are also required to show they offer cyber awareness training for employees, 64 percent that they deploy MFA, and 61 percent that they offer a company-wide password manager.
Even with these processes in place, passwords aren’t foolproof and carry an inherent risk, which is heightened when proper password etiquette isn’t followed (and we know that’s the case far too often). Passwordless may just be the answer to simplifying access while improving security at the same time.
Edited by Erik Linask