A new survey of over 300 IT professionals with responsibility for workforce identities and their security in large organizations shows that 87 percent expect passwordless solutions will become the leading approach to secure workforce identities within five years.
The study by Dimensional Research for Secret Double Octopus looks at perceptions and adoption of newer FIDO2-certified enterprise passwordless solutions, and the impact of single sign-on portal and endpoint biometric-based ‘passwordless-like’ experiences.
“Workforce identity and security professionals are clear that next-gen passwordless solutions as defined in the survey have the potential to deliver stronger security outcomes than existing MFA or traditional passwordless approaches,” says Diane Hagglund, founder and president of Dimensional Research. “This study brings clarity to confusion that exists in the market when we talk about different approaches to passwordless MFA, given that many IT professionals associate this language with a range of technologies including SSO and TouchID.”
The study finds that currently only 16 percent of organizations use MFA across all password logins, suggesting MFA has not reached end-to-end universal adoption. Just 33 percent use one MFA provider, with 50 percent having two or three providers and 17 percent having four or more, suggesting IT complexity when it comes to traditional MFA.
When thinking of passwordless, 70 percent of respondents think of single sign-on (SSO) portals and 63 percent associate PC device-bound biometrics such as Windows Hello for Business as part of the passwordless trend. 49 percent say they are currently using a next-gen passwordless solution, with superior end–user experience and better security coverage cited as the top two benefits participants feel next-gen passwordless solutions offer.
“We’re excited to really deepen the industry’s view of where newer solutions stand relative to less secure passwordless experience offerings,” says Raz Rafaeli, founder and CEO of Secret Double Octopus. “For us, the real promise of passwordless is achieving the goal of an employee never having to set, guess or remember a password universally, across all use cases they encounter in a workday. We call this Full Passwordless and it’s a defining design goal for us.”
You can get the full report on the Secret Double Octopus site and there will be a webinar to discuss the findings on October 19 at 9am PST.
Image credit: reborn55/depositphotos.com
