>
Passwords are becoming more and more popular as people move to more secure passwordless authentication methods.
That’s according to the FIDO Alliance’s latest online authentication barometer reportthat collects global insight into the status of online authentication.
Based on a survey of more than 10,000 consumers in the UK, France, Germany, US, Australia, Singapore, Japan, South Korea, India and China, FIDO estimates that password (opens in new tab) online usage is down 5-9% year-over-year.
Passwords still popular
The study found that when logging into financial services, work computers and accounts, social media, streaming services or smart home devices, people are more likely to use biometrics or other convenient forms of authentication.
However, despite the decline, passwords are still the main method of online authentication (opens in new tab)despite the headaches they cause.
Seven out of ten (70%) people have had to reset at least one password in any given month.
Service providers and retailers have also been affected, with more than half (59%) of people simply giving up access to online services.
In addition, 43% of people reported abandoning a purchase they wanted to make online because they forgot their password.
As a result, the number of people who decide to stay logged in to accounts has increased by 5%-11%.
But it’s not all bad news. FIDO reports that the use of multi-factor authentication (MFA) via SMS One-Time Passcodes (OTP) has increased by 1%-4%. While the use of text messaging in MFA comes with its own set of issues, its emergence may indicate that awareness of alternative security solutions for online accounts and data is beginning to become mainstream.
Passkeys, a new authentication method introduced by Apple last summer, appears to have a high level of awareness among users, according to FIDO. According to the data, 39% of people are familiar with the concept (up to 48% in 18-34 year olds).
“People see entering passwords as a pain and avoid it when they can,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance.
“Service providers are realizing the inconvenience and security issues with passwords and are offering more ways to authenticate, such as cookies to keep you logged in and/or legacy MFA like SMS OTPs.”
While it is a good thing to do away with passwords, Shikiar noted that there is still work to be done before everyone can guarantee greater security online.
“However, these attempts at convenience and security are still based on outdated and phishable authentication technologies that everyone must abandon if we are ever to stop the constant onslaught of data breaches.”
“Organizations should all have modern, phishing-resistant authentication on their roadmaps, be it via on-device biometrics, FIDO security keys or passwords.”