LoginRadius’ report reveals that enterprises & customers are opting for passwordless future

LoginRadius released a white paper discovering common password issues, plus the passwordless solutions that enterprises use to successfully improve customer experience (CX).

The whitepaper further outlines the challenges of username/password authentication, consumer trends in creating and managing passwords, secure & streamlined authentication methods, benefits of password less authentication etc.

Issue I – The Easy vs Secure Conundrum

Customers want fast, easy access to every site or app they use. Yet, 90% of internet users have data privacy concerns. If customers aren’t given secure, yet easy login and sign-up access, they’ll take matters into their own hands. They’ll create vulnerable passwords that jeopardize your digital infrastructure and their private data.

Why Passwords Fail
Password complexity is weak	FAIL: Passwords may meet complexity, yet still be considered weak because of password dictionaries
Passwords aren’t unique	FAIL: People reuse passwords and newly leaked dictionaries contain previously leaked passwords
Password follow patterns	FAIL: In most cases, the top 100 patterns will crack the majority of passwords in an organization
Password cracking is easy	FAIL: With available hardware resources, it can take seconds to brute force most password

Top 3 Password Hall of Shamers 81% of hacking-related breaches leveraged stolen and/or weak passwords? Bad passwords are so prevalent.
59% reuse their passwords everywhere – at home and at work.	87% of millennials reuse passwords, despite knowing better.	Over 70% of employees reuse passwords at work for all their work apps.

 

 CUSTOMER AND BUSINESS PAIN POINTS

Issue II- Interrupted Customer Journey

• One-third of online shopping is abandoned due to forgotten passwords. It is also a threat to the health of your business.
• A recent study shows that 18.75 percent of cart abandonment occurs during password resets.

This indicates that even when consumers are committed to buying something online, delays make people reconsider purchasing. For this reason, smart enterprises will want to eliminate any obstacles in the conversion process.

Here are some ways they do this.

CUSTOMER ACCESS SOLUTIONS

Passwordless

Biometric Authentication

An authentication method is called passwordless when no password is being stored. Instead, your customers gain access to your website or app through an access code or link that you send to their phone or email. One of the most popular passwordless methods used today is One Time Password (OTP). A no-password solution means better security and no-hassle sign-ins.

Within the past few years, biometric authentication has become quite common and includes: • Fingerprint: Using TouchID, users authenticate in real-time by scanning their thumbprint on a mobile device that is matched to an image on file. • Facial Recognition: FaceID allows a user to authenticate in real-time by taking a selfie that is then compared to an image on file. • Voice Authentication: This technology analyzes a customer’s voice for unique characteristics, then matches that to a voiceprint on file. • Gesture Biometrics: Another futuristic passwordless method being used today is called gesture biometrics. According to BioCatch, the software company who provides the Royal Bank of Scotland with this functionality, this system can detect imposters with 99 percent accuracy.[3]

 CUSTOMER AND BUSINESS PAIN POINTS

ISSUE I- TOO. MANY. PASSWORDS.

Password fatigues happens due to several online interactions like:

• Bill viewing or payment for telephone/cable/utilities
• Reviewing or paying for health/medical services
• Inquiring about government services
• Using software/apps for work
• Engaging with social media
• Making online purchases
• Managing your banking/Finances
• Signing up or into educational portals
• Contributing to chat forums, review sites, etc.

ISSUE 2 – WEAKENED PASSWORDS

A dangerous side-effect of password forgetfulness is the use of easily guessable (AKA hackable) passwords. A weak password not only puts consumer data at risk—it puts the companies that hold this data at risk, too. Some extra authentication methods may include a notification email sent to the user or administrator.
Here are some ways they do this.

Bring Your Own Identity (BYOI)

Multi-Factor & Risk based Authentication

·         CIAM software allows you to connect your app or website to a 3rd party provider that your customer uses. This way, your customers can sign in to your app or website using their existing credentials instead of creating a new password. Eg- Sign In with Apple. ·         Therefore, anyone who uses Apple will never have to remember a password when connecting to integrated 3rd-party apps. In addition, users can hide their emails, allowing for greater privacy and security. ·         A common example of BYOI is social login, where a customer may use Facebook or other social platforms to access a website or app.

Instead of asking people what they know (passwords), many enterprises are using authentication methods based on what people have—their smartphones. The common term for this is SMS-based authentication.   With this criteria, you can create a Risk Profile that recognizes out-of-character customer actions.

 

Deepak Gupta, Chief Technology Officer & Co-Founder, LoginRadius, “As technology pervades our lives, the need to remember passwords has grown considerably. Weak passwords and poorly managed login methods have become a pain point for both enterprises and customers, with severe security repercussions. In recent years, customers have gotten a big wakeup call about the value of their personal data and risks associated with it. We at LoginRadius, are helping business inspire customer confidence and prepare for password-less future with our solutions while complying with data privacy regulations.”

Conclusion

Judging by the numbers alone, chances are that many of your customers may be putting your business at risk due to bad password practices. That’s perhaps the strongest reason why passwordless authentication is preferred by consumers and enterprises alike.  A customer identity and access management solution can provide passwordless, yet secure authentication options for your customers.

While passwords might not be entirely ghosted yet, the majority of consumers agree: they need secure, simple, and seamless sign-ins across all devices. For businesses who fail to use passwordless technology, this can be a death sentence. That’s why smart enterprises aren’t waiting for a passwordless future—they’re preparing for it now.