FB pixel

Weak login authentication methods the norm at work and home: report

While phishing sophistication increases
Categories Access Control  |  Biometrics News
Weak login authentication methods the norm at work and home: report
 

Sophisticated online fraud attacks and weak authentication are a dangerous combination, but all too common, according to new research from Yubico. The 2024 Global State of Authentication survey highlights authentication trends and vulnerabilities for work and personal accounts.

The report reveals that 39 percent of respondents consider username and password combinations the most secure form of authentication, and 54 percent still rely on this method for their work accounts.

Similar patterns are observed among individuals using login credentials for personal accounts, with 58 percent doing so. The survey highlights that users have encountered breaches in sensitive accounts, including 44 percent for social media, 24 percent for payment applications, and 13 percent for banking accounts.

The survey indicates that 40 percent of respondents believe that the security features offered by online applications and services are insufficient. While this is true, respondents also exhibit limited familiarity with multi-factor authentication (MFA), with 32 percent lacking knowledge about it and 22 percent lacking the ability to implement it at home.

Phishing attacks are increasing in sophistication due to the use of AI, a large majority of survey correspondents say. The use of AI has even facilitated a spread to regions such as Japan that have previously been protected by language barriers. The report recommends implementing phishing-resistant MFA solutions, such as Yubikey, and passwordless options like passkeys.

“We’re really encouraged by the activities from our government here in Australia, particularly the Australian Signals Directorate, which is encouraging the use of phishing-resistant MFA,” Geoff Schomburgk, regional vice president for Asia Pacific and Japan at Yubico, told ITBrief Asia in an interview.

Although some users have been relying on MFA in the form of SMS-based one-time passwords, the report indicates that this authentication method is inconvenient and susceptible to cyberattacks. The reluctance to adopt a more secure method like passkeys can be attributed to users’ familiarity with SMS-based authentication.

Yubico VP urges to orgs support passkeys

Several proactive measures can be implemented by individuals and organizations to mitigate the security vulnerabilities in traditional user authentication methods, such as adopting secure authentication methods like hardware security keys, biometrics, and passkeys, the report says. Given the evolving cyber threat landscape, users must prioritize secure forms of authentication to safeguard their sensitive information.

According to the report, if online accounts, such as email, social media, and financial services, offer passkeys, users should consider them as their primary mode of authentication. Even the organizations should promote the use of advanced MFA options.

In an interview, Derek Hanson, vice president of standards and alliances at Yubico, says, “Like any new technology, passkey adoption will be slow – unless organizations begin to remove unsafe methods of authentication for users, like SMS OTP.”

Conducted by Talker Research, the report surveyed 20,000 respondents from various countries, including Australia, France, Germany, India, Japan, Poland, Singapore, Sweden, the United Kingdom, and the United States. The research aimed to assess the global impact of cybersecurity on personal and professional domains and the adoption of authentication methods.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Mitek unveils multilayered GenAI fraud detection to stop PAD, injection attacks

Mitek Systems has launched what it calls the first multilayered solution to the growing challenge posed by generative AI for…

 

Authsignal teams with Mattr on terminal to bind palm biometrics with mDLs

New Zealand-based Authsignal has announced the launch of a new palm biometrics terminal, developed in collaboration with Mattr and Qualcomm,…

 

UK grapples with border biometrics expansion and delays

The UK Home Office has provided key updates on its electric border management initiatives during a Justice and Home Affairs…

 

FBI looking at biometric matching algorithms for NGI, issues RFI

The U.S. Federal Bureau of Investigation’s (FBI) Criminal Justice Information Services (CJIS) in Clarksburg, West Virginia issued a Request for…

 

Bhutan charts a digital future with blockchain, bitcoin, and national digital ID

The Kingdom of Bhutan is leveraging digital assets and strategic investments to propel its national development agenda, integrating blockchain technology…

 

Digital ID can help Sri Lanka expand tax base: Deloitte

Sri Lanka seems to be caught in a chicken-and-egg situation regarding its development of digital ID as its ministry sets…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events