Following the news that:
45% of Financial Services Customers Are Very Comfortable Using Non-Password Login Methods
Following the news that:
45% of Financial Services Customers Are Very Comfortable Using Non-Password Login Methods
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
This latest survey from PYMNTS and Entersekt highlights consumers’ appetite for moving away from password-based authentication – something we have championed for a long time and which the industry is not enabling fast enough. Passwords are outdated and make users vulnerable to attack. Passwordless multi-factor authentication is by far the most effective way of protecting your online accounts and using biometrics or PIN-based solutions removes the need for passwords altogether. Technology that offers single-step MFA across all platforms has proven the most popular with users both because it enables much higher log-in success rates as well as allows them to log in so much faster.
This story is further proof that traditional text passwords are on the way out. Their security is diminishing, they become difficult to manage as users set up more accounts, and they feel increasingly clunky when compared to more modern authentication methods. While this opinion has long been held by security professionals, it’s interesting that the layman is warming to the idea of passwordless authentication – particularly for accounts as important as financial services.
It’s also worth noting that most of this authentication comes from mobiles devices and these have more complex authentication capabilities than something like a desktop system. Some applications can even use authentication behaviours to determine if a more complex login is required. Personally, I use a credential manager that is only accessible via biometrics which allows me to access systems, applications, and web sites that still require passwords, without having to remember my very complex unique password. It turns everything into MFA.