- Security TWENTY
- Women in Security
Businesses should begin preparing for the death of the password, according to an IT security product company after its survey based on 4000 consumers in the US and the UK. From baby boomers to millennials, 52 percent of consumers would choose anything but a traditional username and password account registration when given the option, says Gigya.
Businesses that want to thrive are rapidly adopting secure, modern password alternatives, such as the following: social-network authentication that enables consumers to use their Facebook or other social-network credentials as their log-ins; two-factor authentication, which couples traditional usernames and passwords with a personal security question or verification code sent via text message; and biometric authentication, such as fingerprint scanning, voice recognition, facial recognition or iris scanning the firm says.
Survey findings include:
· More than half (52 percent) of all respondents prefer to log into online accounts using modern authentication methods that are more secure than traditional usernames and passwords, including 29 percent that prefer using two-factor authentication and 20 percent that prefer biometric authentication.
· Eighty percent of consumers who expressed a preference believe biometric authentication is more secure than traditional usernames and passwords.
· Only 16 percent of respondents follow password best practices with a unique password for each online account. Six percent use the same password for all accounts and 63 percent use seven or fewer passwords across all their online accounts.
· More than one quarter (26 percent) of all respondents have had at least one online account compromised in the past 12 months. When segmented by generation, 35 percent of millennials, 28 percent of Generation Xers and 18 percent of baby boomers reported having online accounts compromised.
· Only 33 percent of millennials create secure passwords for everything. The rest use passwords like “password,” “1234,” their names or birthdays. In contrast, 42 percent of Generation Xers and 53 percent of baby boomers always create secure passwords.
· Sixty-eight percent abandon the creation of an online account due to complex password requirements, while 55 percent abandon a login page because they forgot their passwords or answered a security question incorrectly.
Traditional passwords are currently widely used but poised to become obsolete in the next 10 years, the firm claims. Security risk is a factor driving consumers’ identity authentication preferences since 26 percent of respondents overall have had an online account compromised in the past 12 months. For millennials, that security-breach number jumps to 35 percent, most likely because survey data shows they have the worst habits for creating traditional passwords.
Millennials show the least amount of patience for setting up an online account with 38 percent abandoning an online registration page when password requirements are too strict. Their Generation X and baby boomer counterparts are not much more tolerant, with 33 percent and 27 percent abandonment rates, respectively. Even when consumers have created online accounts, 55 percent of respondents admit to abandoning a login due to a forgotten password, indicating businesses can potentially double visitors’ log-in rates by offering alternative forms of authentication.
Patrick Salyer, CEO of Gigya, said: “Within the next 10 years, traditional passwords will be dead as an authentication form. Consumer-focused brands require modern customer identity management infrastructures that support newer, more secure authentication methods, such as biometrics. Businesses that are already using advanced authentication methods demonstrate increased customer registration and engagement while enjoying greater login convenience and security.”
About the survey
By OnePoll.com in February 2016, it queried 2000 US adults and 2000 UK adults between the ages of 18 and 69 that access the internet and have online accounts. To view the entire study visit http://www.gigya.com/resource/whitepaper/death-of-the-password.