Dashlane, maker of one of the best password managers out there, has released new research into which major websites are doing the best job of using password technology.
Passkeys are an alternative form of two-factor authentication that uses a cryptographic key stored on a personal device. This key is then typically verified using biometric data, such as a fingerprint or facial recognition.
Passkeys are resistant to phishing and brute-force attacks. Even if an attacker has the device that contains your passkey, they cannot use it. That is why passkeys are a great alternative to passwords.
Which websites want passwords?
The results of the first Passkey Report reveal the domains and industries paving the way for passkeys.
Consumers are largely driving password adoption, with popular sites including social media sites, financial and payment sites, and ecommerce. Amazon, Target, and eBay are among the four fastest growing password domains as of Q2 2024, underscoring the significant driver of ecommerce sites.
Within the financial sector, sites like Coinbase, Binance, Moneybird, and Stripe are leading the way, with more focus on improving the security of their sites than on the consumer push. Financial and payment sites are a lucrative target for attackers, especially those offering cryptocurrency wallets. Securing these sites is therefore paramount to protect both the revenue and reputation of each brand.
When broken down by industry, ecommerce makes up 41.7% of sites driving passkey adoption, followed by software services at 19.9% and finance and payments at 14.4%. Dashlane cites FIDO research that shows the average U.S. consumer abandons a purchase or stops using an online service due to forgetting their password approximately 4.76 times per day. By introducing passwordless access, sites can capitalize on lost revenue.
Dashlane also reports that the number of passkey authentications using their service has increased by more than 400% since the beginning of the year, to 200,000 authentications per month.
“The user friction caused by forgotten passwords and password resets costs businesses millions in lost revenue and time,” said John Bennett, CEO of Dashlane. “Compromised and weak passwords continue to be at the heart of most breaches, causing immense financial and reputational damage.”