Story image

Biometrics vs passwords: How the generation gap is shaping workplace security

30 Jan 2018

Millennials are moving beyond the world of passwords and quickly embracing biometrics, leaving the older generations to continue carrying the password tradition, according to IBM Security’s Future of Identity Study.

75% of millennials are comfortable using biometrics, however fewer than half are using complex passwords and 41% reuse passwords. 34% use a password manager.

On average, those aged 55 and older use 12 passwords, however only 17% use a password manager. It is not clear from the study how people remember their passwords.

Millennials are also more likely to enable two-factor authentication after a breach (32%), compared to 28% of the general population.

IBM Security says that as younger employees dominate the workforce, organisations must be ready to adapt to the kinds of new technologies those employees bring in.

This could mean an allowance for increased use of mobile devices as the primary authentication device and integrating biometrics or tokens in place of passwords.

Asia Pacific respondents were the most open to biometric technologies. 78% are comfortable using biometrics today, compared to 65% of those in the European Union and 57% in the United States.

Fingerprint biometric technology is perceived as the most secure authentication method amongst all respondents (44%), followed by passwords (27%) and PINS (12%).

US respondents seem to be shunning the use of biometrics – 23% said they aren’t interested, which is almost double the global average.

“In the wake of countless data breaches of highly sensitive personal data, there’s no longer any doubt that the very information we’ve used to prove our identities online in the past is now a shared secret in the hands of hackers,” comments IBM Security A/NZ CTO Chris Hockings.

 “As consumers are acknowledging the inadequacy of passwords and placing increased priority on security, the time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behaviour and risk.”

Overall, security is now more important than the convenience factor – particularly as part of financial applications.

On average, 70% of all respondents rank security as the top priority for banking, investment and budgeting apps. 16% believe privacy is most important and 14% say convenience is most important.

Security also featured as a top priority for email, online marketplaces and workplace applications, however it is not so important for social media applications.

IBM Security says that organisations should recognise these preferences when choosing security solutions. Identity platforms that provide choices for multiple authentication options are able to provide flexibility and security.

The company also says that organisations can balance security and convenience by using risk-based processes that trigger additional security measures in certain situations, such as if an IP, device or location signal abnormal activity.

The 15-minute online survey totalled responses from 3,977 adults across the United States (U.S.), European Union (EU) and Asia-Pacific (APAC) regions, including:

•   APAC: 997 respondents (Australia, India, Singapore)

•   U.S.: 1,976 respondents

•   EU: 1,004 respondents (United Kingdom, France, Italy, Germany, Spain)

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.