Survey data reveals that organisations are putting off implementing authentication methods, such as biometrics and passkeys, as legacy technology and compliance requirements continue to present challenges for global businesses.
New Delinea research has examined the future of passwords to reveal insights about the evolution of authentication and access in the workplace. The report, titled, “The Future of Workplace Passwords: Not Dead, but Evolving,” found that the majority (68%) of US IT decision makers surveyed say that passwords are not dead, with over half of that group (53%) stating they believe passwords are simply evolving into something new.
Ensuring enterprise safety in the current cyber landscape
Delinea’s latest research aims to understand the future of passwords in the workplace in light of recent traction by other authentication options in consumer technology such as smartphones, personal email accounts and mobile apps. The findings uncovered that solutions users are already familiar with using passwordless technologies in their personal lives are the most likely to replace passwords in the workplace, such as biometrics (58%), other multi-factor authentication (MFA) technologies (46%), one-time passwords (37%) and Passkeys (35%).
These findings are particularly prevalent when considering the current cybersecurity landscape. The first quarter of 2023 saw a dramatic surge in password-based attacks against cloud identities from around 3 billion per month to over 30 billion. With this in mind, it is understandable why businesses would want to shift away from the password, but may not yet be in a position to do so.
“The term ‘passwordless’ often elicits a strong response, either by those claiming passwords will never die or those claiming they will inevitably go away. Our latest research shows that it doesn’t have to be one or the other, and that a range of authentication options are encouraging a future where passwords still exist but are in the background,” said Chris Smith, Chief Marketing Officer at Delinea.
“The passwordless evolution won’t happen overnight though, and organisations need to ensure that they are taking necessary steps to avoid introducing new risk into the workplace by trying to move beyond passwords too quickly.”
Most organisations are still “years away” from passwordless operations
The survey revealed that most organisations are still years away from a passwordless reality. While 30% stated to Delinea their organisation has already started this transition, 36% claimed they are still 1-2 years away, while 21% admitted they are 3-4 years away. These changes are being blocked by several obstacles, including legacy platforms and apps that require passwords and MFA (43%), the need for authentication methods everywhere (37%) and employees who do not yet understand or trust passwordless processes (28%).
Furthermore, 95% of survey respondents stated that their companies must meet at least one set of compliance requirements, requiring organisations to demonstrate access controls which can become more complicated by adapting to new authentication methods.
According to Delinea, clear user experience must evolve, with 35% expecting access to workplace systems to require MFA challenges at login, despite 19% expecting a future where no username or password is required. Almost 60% of respondents also indicated that their organisations are using a Privileged Access Management (PAM) solution to manage workplace passwords.
PAM solutions can help organisations that are still using legacy technology, moving to the cloud, or beginning to leverage passwordless solutions. Combined with biometrics and other authentication technologies, PAM can both enforce a least privilege approach and access to resources without productivity-reducing requirements for passwords.
“Workplace password management practices are evolving, even though organisations haven’t yet radically moved away from traditional passwords,” Smith continues. “As biometrics become more accurate, legacy technology gets replaced, and AI creates a stronger safety net, enterprises will likely become more comfortable with a passwordless future.”
Please also check out our upcoming event - Net Zero LIVE on 6 and 7 March 2024.
BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.
BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.