SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Legacy technology hinders passwordless authentication in workplaces, finds Delinea report
Fri, 17th Nov 2023

The reality of passwordless authentication in workplaces may be stymied by the continued use of legacy technology systems, according to a report by Delinea, a leading provider of Privileged Access Management (PAM) solutions. The report, entitled 'The Future of Workplace Passwords: Not Dead, but Evolving', suggests that instead of becoming obsolete, passwords may transform into different forms of authentication.

In a survey commissioned by Delinea, it was revealed that 68% of the 300 US IT decision-makers participating, saw the future of passwords not as extinct, but as evolving. Biometrics (58%), other multi-factor authentication (MFA) technologies (46%), one-time passwords (37%), and passkeys (35%) are identified as solutions most likely to replace conventional passwords in the workplace.

The term 'passwordless' often elicits one of two strong reactions, according to Chris Smith, Chief Marketing Officer at Delinea. Either passwords will never get phased out, or they will inevitably disappear. "Our latest research shows that it doesn’t have to be one or the other, and that a range of authentication options are encouraging a future where passwords still exist but are in the background," Smith shared. However, he warned that the transition to passwordless must not be hasty to avoid inadvertently introducing new risks into the workplace.

Despite the growing acceptance of passwordless solutions, the transition away from traditional passwords is still distant for most organisations. From the survey's respondents, 36% projected a period of 1-2 years and 21% expected a span of 3-4 years before achieving passwordless authentication. The persistent use of legacy apps, compliance considerations requiring consistent authentication methods, and employees with reservations about passwordless processes are identified as principal obstacles. In fact, 95% of the surveyed IT decision-makers acknowledged they must comply with at least one set of access controls, which could be complicated by adapting to new authentication methods.

While there are hurdles to overcome before passwordless operations become the norm, enterprises acknowledge the need for the user experience to improve. Almost 60% of organisations in the survey utilise a PAM solution to manage passwords, showing they understand its importance. The majority anticipate a future where workplace systems require MFA challenges at login, while 19% predict an environment needing no username or password. According to Smith, “As biometrics become more accurate, legacy technology gets replaced, and Artificial Intelligence creates a stronger safety net, enterprises will likely become more comfortable with a passwordless future."

The report also offers insights into Artificial Intelligence's (AI) role in the evolution of workplace passwords. While 83% see AI as a defender in cybersecurity, they also acknowledge its potential threat, with half of these respondents conceding that it could pose challenges. This sober perspective further highlights the complexity and considerations at play in the transition to passwordless authentication.