Why the Future Is Passwordless

Passwordless authentication gives IT teams the control they need while providing employees with a seamless login experience. Here's why the future is passwordless.

Dark Reading Staff, Dark Reading

November 30, 2020

4 Min Read
Dark Reading logo in a gray background | Dark Reading

Passwords have been at the heart of keeping our digital lives secure for decades. Just think — any time we access any digital device or account, we need to enter a username and password. This is nothing new. As technologies advance and society continues to operate in a remote work environment, the number of online accounts grow. For many, keeping track of the numerous account details has become a burdensome task, inevitably causing individuals to use poor password hygiene. This is slowly changing in bits and pieces, but the password experience is still very common.

While organizations and people understand that passwords play a huge role in one's overall security, many continue to neglect best practices by using or reusing weak, easy-to-crack passwords. In fact, over 80% of hacking breaches involve brute force or the use of lost or stolen credentials. Specifically, 37% of credential theft breaches used stolen or weak credentials, sparking many to ask: Why do we still depend on this form of authentication?

While we won't completely eliminate passwords, a passwordless approach could be the answer to many authentication and security challenges. Our "From Passwords to Passwordless" report found that 92% of IT professionals believe that delivering a passwordless experience for end users is the future for their organization.

Remote Work Accelerates the Move to a Passwordless Approach
The massive shift to remote work seemingly happened overnight, and organizations quickly adapted their business operations to support remote employees. The pandemic forced IT leaders to rethink strategies to manage their employees outside of the office in a secure manner, accelerating digital transformation. 

As companies continue to navigate long-term remote work and the security challenges that come along with it, such as insecure networks or lack of visibility, deploying new technologies will be top-of-mind for IT decision-makers well into 2021. Finding solutions that will enable remote employees to have simple and secure access will be more important than ever to support business continuity, and passwordless authentication may be the remedy. Acknowledging the security risks associated with passwords, more and more organizations will look toward adopting passwordless authentication.

Benefits of Adopting Passwordless Authentication
One of the most advantageous reasons to adopt passwordless authentication is the increase in security. Eliminating users' need to manage and use passwords means eliminating risk. Users no longer need to rely on multiple usernames and passwords, alleviating the worry of keeping track of login credentials and the poor password behaviors that often come along with this. Various identity and access management (IAM) solutions can also enable stronger security within an organization. Implementing solutions such as single sign-on (SSO), enterprise password management (EPM), and biometric multifactor authentication (MFA) strengthens an organization's security posture and makes individuals less susceptible to cyberattacks.

Passwordless authentication also increases workplace productivity as employees no longer need to spend time inputting and changing passwords. Not only will this free up employees' time, but this will help alleviate stress to an organization's IT department. Today's IT teams spend an average of six hours per week on password-related issues. Removing this burden will enable IT to use that time on other critical tasks.

Opting for passwordless authentication provides employees a seamless login experience across all channels without inputting a password and likely submitting help desk requests for password resets. By allowing employees to simply and securely authenticate using biometrics or other integrations, the user experience is instantaneously improved since there is no longer a need to enter a complex password. Overall, the process is fast and convenient, reducing the day-to-day frustrations of logging in and remembering complex passwords. For IT teams, passwordless authentication provides complete control — even in a dispersed work environment.

Adopting a Passwordless Model
As remote work becomes the new normal, organizations will need to reassess security challenges within a hybrid workforce. Next year, we will see continued adoption of passwordless authentication models through the implementation of IAM solutions.

Visit LastPass.com to learn how to help your organization adopt a passwordless model today.

 

About the Author
Gerald Beuchelt is the Chief Information Security Officer at LogMeIn, makers of password and identity management solution LastPass. He is responsible for the company's overall security, compliance, and technical privacy program. With more than 20 years of experience working in information security, he is a member of the Board of Directors and the IT Sector Chief for the Boston Chapter of Infragard. In his prior role, Gerald was the Chief Security Officer for Demandware, a Salesforce Company. He holds a Master of Science degree in theoretical physics.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights