logo

Overcoming the Hassle of Passwords and MFA with Passwordless Authentication

The drawbacks of passwords are well known – simply put, they can be hard to remember, easy to hack and a general nuisance for both end users and security personnel. However, passwords remain a staple of many organizations’ security frameworks, despite the fact that the cybersecurity industry has been calling for the death of passwords for nearly 20 years now.

  • Published: 04-05-2022

  • Related Category: IAM - Identity Access Management

  • Type of Content: Articles

  • Owner: 451 Research


Survey data from 451 Research’s Voice of the Enterprise (VotE) service shows that just 61% of enterprises have deployed multi-factor authentication (MFA), well below other common security tools like firewalls (90%), email security (82%) and endpoint security (78%). Furthermore, it’s likely that within those 61% of firms that do use MFA, deployments are not enterprise-wide but reserved for a subset of the total user population and also mainly for specific use cases, such as remote access VPNs.

Enterprise MFA Adoption Lags Popular Security Tools

Source: 451 Research’s Voice of the Enterprise: Information Security, Workloads and Key Projects 2020 Q. What is your organization’s status of implementation for the following information security technologies? Base: All respondents

Business Impact

PASSWORDS ARE A HARD HABIT TO BREAK 

Despite their shortcomings, there are also some benefits of passwords that have made them so persistent: passwords are cheap, and they impose little friction to user workflows and business processes. Furthermore, nearly every ‘stronger’ form of authentication – hardware tokens, software tokens, smart cards, USB fobs, biometrics, etc. – comes with its own baggage, in the form of up-front hardware and software costs, integration challenges, application support and – especially – user inconvenience. It’s no wonder, then, that the percentage of enterprises deploying MFA has risen very slowly in recent years compared to other security tools, despite a boost from extended work-from-home (WFH) policies at many enterprises – and despite the growing threat of compromised credentials.

MFA DOESN’T ELIMINATE PASSWORDS 

MFA is just a Band-Aid. In fact, most firms that have deployed MFA are still using passwords in some manner, and they often require users to type in a username or PIN, or both. And if you are still using passwords, you still have risk – not to mention the various user-experience issues and potential helpdesk costs for locked-out users or lost authenticators.

>> Download Article to continue reading.



Related Articles: