Secret Double Octopus Study Finds 87% Believe Next-Gen Passwordless Solutions Will Become the Leading Approach to Secure Workforce Identities within Five Years

Global Survey of Large Organizations Suggests 67% of Employees Are Either Frustrated or Resigned When It Comes to Traditional MFA

Secret Double Octopus (SDO), in partnership with Dimensional Research, announced the results of their global annual study focusing on the state of workforce passwordless authentication and multi-factor authentication (MFA) usage generally. The companies surveyed over 300 IT professionals with responsibility for workforce identities and their security at organizations with more than 1,000 employees.

The survey isolated perceptions and adoption of newer FIDO2-certified enterprise passwordless solutions, and segregated the impact of single sign-on portal and endpoint biometric-based “passwordless-like” experiences. Passwordless-like experiences often mimic an authentication experience where no password is utilized, but retain a password and the subsequent security risk, as well as require the password to be remembered by the end-user from time to time. FIDO2 security keys and FIDO2-compliant software solutions that leverage decentralized smartphone vaults and biometrics were defined as “next-generation passwordless” solutions.

Marketing Technology News: Bombora’s Intent Data Helps Inbox Insight Get Content to a Customer’s Hungriest Buyers

“Workforce identity and security professionals are clear that next-gen passwordless solutions as defined in the survey have the potential to deliver stronger security outcomes than existing MFA or traditional passwordless approaches,” said Diane Hagglund, Founder and President of Dimensional Research. “This study brings clarity to confusion that exists in the market when we talk about different approaches to passwordless MFA, given that many IT professionals associate this language with a range of technologies including SSO and TouchID.”

Key survey findings included:

  • Only 16% of organizations use MFA across all password logins, suggesting MFA has not reached an end-to-end universality required to completely seal off the surface area of attack.
  • Just 33% indicated the use of one MFA provider, with 50% having two or three providers and 17% having four or more, suggesting IT complexity when it comes to traditional MFA.
  • 70% of respondents think of single sign-on (SSO) portals when thinking of passwordless and 63% associate PC device-bound biometrics such as Windows Hello for Business as part of the passwordless trend.
  • 49% indicated they are currently using a next-gen passwordless solution
  • Superior end-user experience and better security coverage are the top two benefits participants felt next-gen passwordless solutions offer.

“We’re excited to really deepen the industry’s view of where newer solutions stand relative to less secure passwordless experience offerings,” said Raz Rafaeli, Founder and CEO of Secret Double Octopus. “For us, the real promise of passwordless is achieving the goal of an employee never having to set, guess or remember a password universally, across all use cases they encounter in a workday. We call this Full Passwordless and it’s a defining design goal for us.”

Recommendations for the Enterprise:

To improve security posture, organizations should:

  • Become aware of the differences between “passwordless like” solutions and newer enterprise passwordless offerings that strive to reach the promise of Full Passwordless
  • Avoid holes in their MFA strategy by implementing MFA, preferably passwordless MFA, across all of their resources and systems
  • Evaluate next-gen passwordless MFA solutions to ameliorate MFA fatigue and lower complexity of MFA management in their environment

Marketing Technology News: MarTech Interview with Zohar Bronfman, CEO and Co-Founder at Pecan

Brought to you by
For Sales, write to: contact@martechseries.com
Copyright © 2024 MarTech Series. All Rights Reserved.Privacy Policy
To repurpose or use any of the content or material on this and our sister sites, explicit written permission needs to be sought.