Surprise, surprise, consumers don't like passwords
There will doubtless be a lot of comment surrounding today's World Password Day (watch this space) but to kick off we'll start with a new survey which shows that people aren’t keen on passwords at all.
The study from identity verification and authentication company Onfido reveals a variety of unpleasant activities that people would rather engage in than create a unique password.
According to the study 17 percent of respondents would rather file their taxes, one in 10 people would rather get root canal work or a colonoscopy, and 15 percent of respondents would rather wait in line to update their vehicle registration or driver’s license.
It's not surprising then that people engage in bad habits. 50 percent globally reuse passwords (17 percent use only one for all accounts and 33 percent use a handful rotated across all accounts). One in five people have a 'core' password that they adapt to meet brands’ password strength requirements.
The survey also asked consumers to rate the importance of having a complex and secure password versus a simple and memorable password for accounts within specific industries (on a scale of one to five, one being simple and memorable and five being complex and secure). 57 percent selected complex and secure for banking, 47 percent selected the same for crypto exchanges, 48 percent software or services used for work and 48 percent for home security applications.
About a third prioritize password complexity and security for online health services (35 percent) and gambling/betting (35 percent), but less than one-third make password complexity and security a priority for travel applications (28 percent), online education (25 percent), gaming platforms (24 percent), and food delivery (21 percent).
People are certainly keen to see the back of passwords, 58 percent of respondents predict that passwords will be extinct within nine years or less, with 40 percent predicting in five years or less. A majority (58 percent) say they would use biometrics (like fingerprints or facial biometrics) in place of a password for all of their accounts if the brands and services they used offered the option.
"Passwords are an insufficient form of authentication because the onus lies on consumers to remember them and ensure their complexity. With today's fraudsters carrying out highly sophisticated attacks using data from the dark web, even the lengthiest and seemingly strongest passwords can be relatively easy to hack," says Sarah Munro, director of personal identity at Onfido. "A better, more secure path forward is for organizations to invest in biometrics-based technology that can offer a more convenient and secure experience for consumers."
You can read more on the Onfido site.