Tuesday, May 21, 2024

Tech News, analysis, updates, comments, reviews

Survey: IT leaders expect resistance to passwordless security

Industry experts discuss how to get employee buy-in on biometric security.

Nowadays, facial recognition can open your iPhone and the right fingerprint will log you into your work laptop.

As our everyday devices gain non-password authenticators, however, a study from Ping Identity and Yubico finds IT leaders predict resistance to the biometric option in their organizations: While 84% of global IT leaders consider passwords “a deceptively weak way to store your data,” 97% of respondents currently without passwordless authentication predict barriers in implementing the technology, citing a lack of urgency, technical expertise, and buy-in.

“Many of these roadblocks are not technological, but cultural,” reads the report. While 93% of the 600 IT leaders surveyed said that their organization is “at least somewhat likely” to adopt passwordless authentication,88% of those without passwordless authentication believe their organization would be resistant to adopting it.

To overcome the “cultural” barriers, organizations must emphasize two ideas, according to industry pros who spoke with IT Brew: communication and ease of use.

What’s the holdup?

While passwordless options like biometrics, pins, and hardware security keys take the guessable character-string option away from the hacker, the old authenticator is difficult for companies to quit—a reality that irks Zain Malik, senior product marketing manager at Ping Identity.

It’s kind of frustrating because there are less limitations than ever before, less barriers to entry. Our devices are now enabled with biometrics,” Malik told IT Brew. “So, it’s just a general human resistance to change.”

Take it easy

Passwordless implementation may have complicated hurdles: A thumbprint reader could be a fine option for an office worker, but not for factory-floor workers who are wearing gloves, said Malik. Legacy systems may not be ready to handle tokens.

To get buy-in from resistant humans, Terry Jost, managing director and global security and privacy segment leader at Protiviti, emphasizes the importance of keeping the authentication path simple.

“I think that the more you can make it easy for people to access their tools and their applications, then I think most people will go along with it,” said Jost.

Some organizations, to ease access, have their employees get their authentication out of the way early. Malik, for example, uses his thumbprint to log-in to his “dock” in the morning; as long as his device shows no anomalous behavior, no password is required for any other apps or programs beyond that point.

Authentication talks

A final driver for successful passwordless implementations, said Malik, is “executive sponsorship.”

A 2021 study, conducted by the Ponemon Institute and Secret Double Octopus, found that passwordless authentication saves the average organization approximately $1.9M in costs over conventional password-based authentication over two years, comparing the monetary costs of password attacks and help-desk requests.

“Nothing sells better than numbers that talk about cost savings and cost-efficiency,” said Ponemon Institute founder Larry Ponemon shortly after the paper’s release.


  1. Wow Thanks for this page i find it hard to unearth beneficial answers out there when it comes to this subject material thank for the site website

  2. Wow Thanks for this thread i find it hard to locate decent information and facts out there when it comes to this topic thank for the information site


Please enter your comment!
Please enter your name here

Get notified whenever we post something new!


Migrate to the cloud

Make yourself future-proof by migrating your infrastructure and services to the cloud. Become resilient, efficient and distributed.

Continue reading

Google I/O 2024 Unveils the Future?

Google I/O 2024 was an impressive showcase of how Google continues to push the envelope with artificial intelligence. This year's event introduced significant advancements across multiple services and platforms, demonstrating Google's commitment to an AI-first future. Below, I try...

On-Premises vs. Cloud Security

As usual, we begin by championing cybersecurity. It stands as the foremost concern for organizations striving to safeguard their sensitive data and digital assets. Among the many strategies available, two dominant paradigms have emerged: on-premises security and cloud security....

Regulation Insights from Starlink’s in Zimbabwe

In recent times, the journey of Starlink, Elon Musk's ambitious satellite internet venture under SpaceX, has been marked by regulatory challenges, particularly in Zimbabwe. Meanwhile the Posts and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) issued a directive instructing Starlink...

Enjoy exclusive discounts

Use the promo code SDBR002 to get amazing discounts to our software development services.