February 3, 2017 -
SecureAuth has published a new survey which reveals that many organizations are adopting a new approach to authentication, with 83 percent of IT decision makers in the UK predicting that their organizations will be passwordless in five years’ time.
The survey results show that organizations are increasingly moving to replace passwords as well as simple two-factor authentication (2FA) with stronger methods to prevent the misuse of stolen credentials.
In five years’ time, 17 percent of organizations still intend to deploy passwords as the sole means of authentication.
The younger generation seems more confident that passwords will be eliminated within the next five years, with 49 percent of millennial IT decision makers affirming this belief compared to only 32 percent of participants aged 35-54.
Meanwhile, 69 percent of US IT decision makers said they phase out passwords in the next five years.
When asked which identity and access methods they predict to have implemented in five years’ time, 49 percent of respondents said physical biometrics, followed by device recognition techniques (30%), 2FA (30%) and geographic capabilities (29%).
Following a similar survey last year, the implementation of 2FA has increased from 2 percent in 2015 to 42 percent in 2016, but is estimated to drop to 30 percent in 2021.
With Europe’s upcoming implementation of General Data Protection Regulations (GDPR) in 2018, which would require all organizations to have at least 2FA in place, participants are divided on its protective capabilities.
The survey found that 47 percent of IT professionals believe it’s the best way to defend an identity, while 52 percent disagree.
The survey also found that 27 percent of IT decision makers said the fear of disrupting users’ daily routine was preventing them from improving their authentication strategy, while 25 percent of users preferred access to their resources without any secondary steps.
“It’s not surprising to see a divided opinion of 2FA, IT decision makers face an ongoing battle as they feel they are forced to choose between increased security and good user experience,” said Keith Graham, SecureAuth chief technology officer. “This is a paradigm for the old, broken approach that lets attackers through the front door.
“It is possible to both strengthen security and not interfere with users’ experience with adaptive authentication techniques. This fundamentally new approach integrates with existing infrastructures to perform risk-analysis that simultaneously strengthens prevention, detects risks and works invisibly to the user.”
Previously reported, SecureAuth Corporation released survey results revealing industry perspectives on passwords and authentication.