Biometrics vs passwords: How the generation gap is shaping workplace security
Millennials are moving beyond the world of passwords and quickly embracing biometrics, leaving the older generations to continue carrying the password tradition, according to IBM Security's Future of Identity Study.
75% of millennials are comfortable using biometrics, however fewer than half are using complex passwords and 41% reuse passwords. 34% use a password manager.
On average, those aged 55 and older use 12 passwords, however only 17% use a password manager. It is not clear from the study how people remember their passwords.
Millennials are also more likely to enable two-factor authentication after a breach (32%), compared to 28% of the general population.
IBM Security says that as younger employees dominate the workforce, organisations must be ready to adapt to the kinds of new technologies those employees bring in.
This could mean an allowance for increased use of mobile devices as the primary authentication device and integrating biometrics or tokens in place of passwords.
Asia Pacific respondents were the most open to biometric technologies. 78% are comfortable using biometrics today, compared to 65% of those in the European Union and 57% in the United States.
Fingerprint biometric technology is perceived as the most secure authentication method amongst all respondents (44%), followed by passwords (27%) and PINS (12%).
US respondents seem to be shunning the use of biometrics – 23% said they aren't interested, which is almost double the global average.
"In the wake of countless data breaches of highly sensitive personal data, there's no longer any doubt that the very information we've used to prove our identities online in the past is now a shared secret in the hands of hackers," comments IBM Security ANZ CTO Chris Hockings.
"As consumers are acknowledging the inadequacy of passwords and placing increased priority on security, the time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behaviour and risk.
Overall, security is now more important than the convenience factor – particularly as part of financial applications.
On average, 70% of all respondents rank security as the top priority for banking, investment and budgeting apps. 16% believe privacy is most important and 14% say convenience is most important.
Security also featured as a top priority for email, online marketplaces and workplace applications, however it is not so important for social media applications.
IBM Security says that organisations should recognise these preferences when choosing security solutions. Identity platforms that provide choices for multiple authentication options are able to provide flexibility and security.
The company also says that organisations can balance security and convenience by using risk-based processes that trigger additional security measures in certain situations, such as if an IP, device or location signal abnormal activity.
The 15-minute online survey totalled responses from 3,977 adults across the United States (U.S.), European Union (EU) and Asia-Pacific (APAC) regions, including:
• APAC: 997 respondents (Australia, India, Singapore)
• U.S.: 1,976 respondents
• EU: 1,004 respondents (United Kingdom, France, Italy, Germany, Spain)