A report from S&P Market Intelligence shows that username and password combinations are still the most commonly used form of authentication in organizations (58 percent).
The next most popular forms of authentication are mobile push-based multi-factor authentication (MFA) (47 percent), SMS-based MFA (40 percent) and biometrics (31 percent). “Passwords continue to be the most widely used as organizations seek to balance security, simplicity, cost of ownership and flexibility – especially in hybrid work environments,” said Darren Guccione, CEO and co-founder of Keeper Security. “SSO and passwordless authentication, while effective, are not widely supported and therefore create security holes that leave organizations vulnerable. For organizations that still rely on the combination of password and username or a hybrid model of passwords and passwordless technologies, it is critical that these are managed appropriately and securely.”
Password management
The S&P Market Intelligence Business Impact Brief shows that the widespread use of username-password combinations requires comprehensive password management policies for companies to ensure that employee password practices are as secure as possible. Password managers make it easier for both IT administrators and end users to create, rotate, and store passwords as well as 2FA and MFA codes. In fact, many organizations use a combination of multiple authentication factors to complement password and username combinations, making integrating password management an even greater necessity.
Passkey adaptation still takes a long time
Largely due to the momentum of the Fast Identity Online (FIDO) Alliance, passkeys are gaining traction as a form of passwordless authentication with support from Apple, Microsoft and Google. Passkeys are passwordless credentials that make it much easier for consumers to adopt FIDO-based authentication systems. However, passkeys are still at a very early stage when it comes to enterprise adoption.
“Although passkeys offer enticing security benefits, websites have been slow to support them for a variety of reasons. With more than a billion websites, there is still a long way to go before a passwordless option becomes ubiquitous,” said Guccione. “As the password and username combination will remain an important part of the corporate landscape for the foreseeable future, password management solutions that integrate and support a wide range of authentication methods while ensuring security and cyber hygiene are important for all organizations to manage cyber -Increase resilience.
More at KeeperSecurity.com
About Keeper Security Keeper Security is changing the way people and organizations around the world protect their passwords, secrets and sensitive information. Keeper's easy-to-use cybersecurity platform is built on the foundation of zero-trust, zero-knowledge security to protect every user and every device.