72 percent of companies plan to ditch passwords by 2025
Security professionals increasingly believe that usernames and passwords provide insufficient security, and 72 percent think they will be phased out within nine years.
This is among the findings from mobile identity company TeleSign which also shows that security professionals are increasingly turning to effective, easy to implement technologies such as behavioral biometrics and two-factor authentication to secure user accounts.
"The vast majority of security professionals no longer trust the password to do its job," says Ryan Disraeli, co-founder of TeleSign. "Thankfully, most companies aren't resigning themselves or their users to password-only account security. They are implementing two-factor authentication in droves and newer technologies such as behavioral biometrics are emerging to address many of the concerns developers have around adding new tech to their applications".
Nine out of 10 companies say behavioral biometrics would be extremely or very valuable for increasing security and eight in 10 say it would increase security without degrading the user experience. More than half of companies (54 percent) plan to implement behavioral biometrics in 2016 or later.
The findings show that within the next 12 months 85 percent of companies will be using 2FA, with four in ten already using it for their consumer accounts and another four in ten planning to adopt it in the next year. 92 percent of security professionals agree that two-factor authentication significantly increases account security on top of passwords.
The results also reveal that online fraud remains a top concern for companies, with 86 percent reporting they are extremely or very concerned about authenticating the identity of web and mobile app users. In the past year, 90 percent of companies have experienced fraud and 79 percent are concerned about account takeovers, which occur when unauthorized access is gained to a web or mobile end-user account, often due to stolen credentials, weak passwords or bot-based attacks.
There's a summary of the findings as an infographic below, and you can download the full report from the TeleSign website.