Never miss a great news story!
Get instant notifications from Economic Times
AllowNot now


You can switch off notifications anytime using browser settings.
11,921.50-96.9
Stock Analysis, IPO, Mutual Funds, Bonds & More

Sixty nine percent of enterprises will do away with passwords within 5 years

In recent times, hackers have grown more sophisticated and as users’ fingers have grown weary.

, ETCIO|
Updated: Oct 14, 2016, 05.17 PM IST
0Comments
BCCL
Password-BCCL
If a recent survey is to be believed, passwords may be headed towards obsolescence within enterprises.
Ever since the invention of the Internet, passwords have been a staple of secure verification.

However, if a recent survey is to be believed, passwords may be headed towards obsolescence within enterprises.

SecureAuth Corporation, a US-based solution provider of adaptive access control, released a survey yesterday revealing that 69 percent of organizations are likely to do away with passwords within the next 5 years.

The survey commissioned in conjunction with Wakefield, saw participation from more than 200 IT decision makers (ITDMs) in the U.S. The survey also found that organizations on average are only protecting 56 percent of their assets with multi-factor techniques.

When asked why they had not yet made improvements to their authentication strategy, respondents cited resistance from company executives and disruption to users' daily routine as the top hindrances -- tied at 42 percent. Other reasons for not adopting an improved authentication strategy included lack of resources to support maintenance (40 percent), steep employee learning curve (30 percent) and fearing that improvements would not work (26 percent).

“On the heels of recent mega breaches such as Yahoo!, in which usernames, passwords and security question responses were compromised, there's a growing movement from individuals and businesses for an authentication overhaul,” said Craig Lund, CEO of SecureAuth. "Single-factor, password-based authentication -- and even many traditional two-factor approaches -- are no longer enough in today's increasingly digital world. And with costs associated with cyberattacks totaling millions of dollars a year, it's in everyone's best interest to make it more difficult for attackers to cause further damage to our economy.”

In recent times, hackers have grown more sophisticated and as users’ fingers have grown weary. This has led to some promising password-less ID verification technologies coming to the fore like Selfie Pay from MasterCard, notification authentication and fingerprint verification (in Apple Pay, Android Pay and Samsung Pay phones) to name a few.

Shockingly revealed in the survey, was nearly all (99 percent) of respondents agree two-factor authentication is the best way to protect an identity and its access.

However, recent news has shown that many traditional two-factor authentication methods, such as SMS-based one-time passwords, are being circumvented by attackers in well-crafted phishing attacks.

Illustrating this inherent risk, the National Institute of Standards and Technology (NIST) recently announced a proposal to no longer recommend two-factor authentication using SMS delivered one-time passcodes as an out-of-band authentication method. Indeed, basic two-factor authentication alone is no longer enough -- and it's time for companies to adapt.

Furthermore, the majority (73 percent) of Wakefield respondents cited security questions or knowledge-based authentication (KBA) as the most essential measure for a company to authenticate its users securely. However, attackers often compromise these security questions and answers, greatly increasing an individual's exposure to cybercriminal attacks. Responses to some security questions can also be gleaned from social media sites, social engineering attacks and even a cybercriminal's educated guess.

Also Read

CERT-In advises OnePlus users to alter passwords

How to reset SBI net banking profile password

Your payment info, passwords are safe: OnePlus confirms data breach, says email addresses were compromised

Kaspersky finds 60 per cent rise in users hit by password stealers

4 ways to reset your income tax e-filing password

Comments
Add Your Comments
Commenting feature is disabled in your country/region.
Download The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.

Other useful Links


Follow us on


Download et app


Copyright © 2019 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service