Although password managers have gone some way in addressing security concerns like length and the uniqueness of passwords, there’s a growing feeling that password security is still a huge business risk. Microsoft, Google, and Apple agree — having recently committed to expanding support for passwordless logins. Importantly, almost all IT leaders agreed that password security is a cultural issue, one that can only be solved by those at the top of the food chain.
IT Leaders Pass on Passwords
The survey on password security, commissioned by Ping Identity and Yubico, sought answers from over 600 IT professionals in leadership positions in the US, UK, France, Australia, and Germany. The results are a damning indictment of the state of data security, and more specifically passwords. Worryingly, while 65% of respondents said their organization is completely or very likely to adopt passwordless authentication in the future, only a fifth (19%) said their company had already made plans to. To make our systems more secure a high uptake is crucial — and, considering 92% of respondents believe that hybrid working has caused people to be less cautious with passwords, the timing of these changes has never been more pressing. Swapping to passwordless authentication would not only make things more secure, but it could potentially save time too. According to the survey, 32% of IT leaders estimate that passwordless authentication would free up an extra 30 minutes of time if it was adopted in their organization. On average, the survey respondents said that their employees were stuck entering passwords 12 times a day — which could have a direct impact on productivity. It has a domino effect too — an average of 33% of IT tickets are related to passwords, and for 21% of IT leaders, 50% or more of their tickets are password related. Credential stuffing is one of the easiest ways to break into multiple accounts someone owns — if you can guess one password, chances are, they’ve reused it on at least one more website, portal, or software program.
What About Password Managers?
As the survey results show, the adoption of passwordless methods of authentication is by no means widespread, and will take a while to before it’s rolled-out more widely. Until it is, password managers are easily the best solution. Password managers will give you the freedom to create long, unique passwords for every account you own. If you’re not repeating passwords, credential stuffing becomes obsolete, and if they’re sufficiently long, brute-forcing becomes much less of a risk, to name just two threats that password managers alleviate. Whether they’ll always be the optimum bit of tech for securing your accounts is one thing, but it does seem like the tech community is starting to think twice about the pros of passwords.