As the world continues to adapt to the pandemic, many organizations have chosen to keep their workforce at home longer. Some are changing the way they work and introducing hybrid models while employees work in and out of the office. This hybrid workforce already presents a number of challenges for IT teams, one of which is password security.
The World Economic Forum estimates that cybercrime costs $ 2.9 million per minute and that 80% of these activities are password cracking attempts. With the advent of working from home, companies are now more committed than ever to ensuring the security of their employees’ computers.
Microsoft is one of the companies that is moving from passwords to other authentication, especially cloud computing technology. At a recent Microsoft Ignite conference, the company announced that Azure Active Directory has a standard practice for passwordless logins and updated the recently released FIDO2-based password pilot program to include several new features. As a bigger tech giant than Microsoft is aggressively moving towards a passwordless future, this is a profitable prospect.
The passwordless login experience means that while the passwords still exist in the IT infrastructure, the employee does not have to manually enter the password during login. It offers many benefits such as reducing IT costs by eliminating password risks, increasing employee productivity by remembering the time and/or changing passwords, and increasing security by protecting each access point through more secure means of authentication. However, taking a passwordless approach requires selecting and implementing the technology that meets the needs of your organization.
Transition to a passwordless future
Although there are around 200 million users who have switched to Microsoft services without a password, millions of users still prefer the convenience of a password. The settings of the cybersecurity keys are not intuitive and the procedures may vary between websites and applications. Physical security keys could be stolen or damaged, and Bluetooth keys and batteries could be dead when needed. On a psychological level, psychics have been using passwords for generations, so it takes years of investment to change consumer-level behaviour.
For those switching to non-passwords, the option to continue logging in with the password and security key is preferable, which fails to do so. However, Gartner predicts that 60% of large enterprises and 90% of midsize businesses will take the initiative to implement passwordless features in at least half of their use cases within the next year.