Getty Images/iStockphoto
41% of IT Decision-Makers Back Passwordless Authentication for Stronger Identity Security
Adoption of passwordless authentication is rising, with 49 percent of IT leaders deploying or planning to deploy amid data breach concerns and a shift towards enhanced identity security.
Rising password breaches accelerate the adoption of password-less authentication methods such as biometrics, passkeys, and security keys as 41 percent of IT decision-makers accredited these practices to better identity security.
However, some respondents are reluctant to adopt such technologies due to privacy concerns and preference for relying on memory.
A recent survey from password manager provider Bitwarden offered insights into password management and the growing adoption of passwordless authentication among IT decision-makers.
For the third year, password manager provider Bitwarden conducted its Password Decisions Survey with Propeller Insights, polling 400 American IT decision-makers and 2,000 internet users on their password habits, security attitudes, and views on passwordless authentication technologies.
Nearly half of respondents are deploying or planning to adopt passwordless technology. Among them, 66 percent have one to two user groups or multiple teams going passwordless. The main reasons for not transitioning include 39 percent of end users being reluctant to switch and 49 percent of applications not designed for passwordless use. Of those who adopted it, 51 percent implement 'something you are' authentication (facial, fingerprint, voice), and 47 percent are familiar with and value the FIDO2 passwordless authentication standard.
While 66 percent of IT decision-makers share passwords securely via password managers, many still use insecure methods like email (41 percent ), shared online documents (38 percent), chat apps (30 percent), verbal disclosures (27 percent, and written notes (22 percent).
Alarmingly, 90 percent reuse passwords at work, although this practice is decreasing. Over the past year, little has changed in terms of poor password practices.
Password manager usage slightly declined to 84 percent, possibly influenced by a 2022 LastPass data breach. Despite this, password managers are considered crucial for security, and 79 percent of internet users want their employers to provide one. However, 54 percent save passwords in documents, 45 percent rely on memory, and 29 percent write them down, with 22 percent of employees reusing the same password for over a decade.
Two-factor authentication significantly improves security, and its adoption is growing, with 92 percent of respondents using it in the workplace, up from 88 percent in 2022. Common reasons for not implementing 2-FA include not understanding the benefits, believing passwords alone offer sufficient protection, thinking account hacking is unlikely, and concerns about negative impacts on workflows.
Despite the risks of using unauthorized software and hardware (shadow IT), 32 percent of IT decision-makers and 49 percent of employees admitted to using them. A majority (73 percent) of those using shadow IT did so for efficiency. Additionally, 52 percent still used unauthorized technology when unable to obtain authorization, and 50 percent cited slow IT department response times.
The rising costs and frequency of data breaches have led organizations to seek cyber insurance. Seventy-five percent of surveyed IT decision-makers have cyber insurance policies, but insurers require proof of security measures.
These include providing security awareness training (65 percent), multifactor authentication (64 percent), password manager usage (61 percent), incident response plans (50 percent), adequate data backup processes (48 percent), and regular patching (28 percent). Only 3 percent of organizations weren't required to provide proof of these measures.