Reports of the password's death are greatly exaggerated
We've been hearing predictions surrounding the end of the password for many years, but a new survey of 300 US IT decision makers reveals that 68 percent say passwords aren't dead and 53 percent think they're simply evolving into something new.
The study, conducted by Censuswide for Delinea, is aimed at understanding the future of passwords in the workplace in light of recent traction by other authentication options in consumer technology such as smartphones, personal email accounts, and mobile apps.
The polling finds that solutions users are already familiar with using in their personal lives are also the most likely to replace passwords in the workplace, such as biometrics (58 percent), other multi-factor authentication (MFA) technologies (46 percent), one-time passwords (37 percent), and passkeys (35 percent).
"The term 'passwordless' often elicits a strong response, either by those claiming passwords will never die or those claiming they will inevitably go away. Our latest research shows that it doesn't have to be one or the other, and that a range of authentication options are encouraging a future where passwords still exist but are in the background," says Chris Smith, chief marketing officer at Delinea. "The passwordless evolution won't happen overnight though, and organizations need to ensure that they are taking necessary steps to avoid introducing new risk into the workplace by trying to move beyond passwords too quickly."
Most organizations are still years away from a passwordless reality according to the study. While 30 percent say their organization has already started this transition, 36 percent claimed they are still one to two years away while 21 percent admit they are three to four years away.
Standing in their way are several obstacles including legacy platforms and apps that require passwords and MFA (43 percent), the need for consistent authentication methods everywhere (37 percent), and employees who don't understand or trust passwordless processes (28 percent). Furthermore, 95 percent of respondents say that their companies must meet at least one set of compliance requirements, requiring them to demonstrate access controls which can become more complicated by adapting to new authentication methods.
It's clear that access management is changing though, with 35 percent expecting access to workplace systems to require MFA challenges at login, and 19 percent expect a future where no username or password is required. Almost 60 percent of respondents also say that their organizations are using a Privileged Access Management (PAM) solution to manage workplace passwords.
The full report is available from the Delinea site.