There are several reasons for getting rid of passwords from the security framework. But the main reason may be customer convenience.
The user experience is viewed by 64% of firms as a key factor when adopting passwordless technology, according to The State of Passwordless Security, a new study by Cybersecurity Insiders, presented by HPR.
This makes sense. Try to click through to something on a site you may have joined five years ago as it applies a typical multi-factor authentication (MFA) protocol: It can be enraging.
Of course, 91% of companies say passwordless MFA use is important for halting credential and phishing. And this is no small thing, given that 90% experienced phishing attacks last year, often resulting increased helpdesk costs for resetting passwords.
Email marketing system operators should heed this — their process for sending triggered password update emails had better be airtight.
Granted, marketing does not play as much of a role in this as other activations. For 86% of firms, the primary user base for passwordless authentication is remote employees.
Another 73% cite online employees, and 43% identify contractors/partners as a user base. Only 24% specify customers/consumers.
But that last percentage is bound to grow as consumers understand the ease of passwordless MFA.
Not that it really exists for them at this point -- 61% of MFA solutions require a password or other shared secret such as an OTP, SMS code.
What’s more, 48% of the firms polled lack passwordless technology.
Still, 21% feel passwordless tech can help them achieve digital transformation, 14% say it can also help them realize cost savings.
Let’s say your company is considering a passwordless solution. Here are the deciding factors that have adopted or are mulling one:
Meanwhile, of the types of cyber attacks experienced, 90% were phishing, 29% credential stuffing and brute force, 14% remote desktop protocol attacks and 9% push or push fatigue assaults.
Cyber surveyed 417 IT professionals.