Passwords past their usefulness?

Poll of attendees finds that additional authentication methods and security controls moving passwords to the background are reshaping password security.

  • 1 year ago Posted in

Delinea has revealed results from a survey at the 2023 BlackHat USA Conference in Las Vegas last week, finding that password security continues to be a highly relevant topic even as cybersecurity strategies move toward a passwordless future. Of 100 business hall attendees polled, 54% said that “passwordless” is a viable concept while 79% agreed that passwords are evolving or becoming obsolete. 

 

When asked how they protect their passwords, the majority of attendees surveyed indicated they use an additional authentication method to secure their credentials and identity. Seventy-three percent (73%) use some form of multi-factor authentication (MFA), while 57% specifically indicated they use an authenticator app and 40% use biometrics. Over half (52%) use a password manager while 34% use a PAM solution to securely store their passwords. One in five (21%) indicated they are using passkeys now instead of or in addition to passwords. 

 

“The findings of this survey indicate an understanding of what passwordless means beyond just being a marketing term – specifically that it’s moving passwords into the background and using easier additional forms of authentication instead,” said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. “This takes on increased significance when 75% of respondents also acknowledged that the fastest way to get access to a network is through social engineering or stolen identities and passwords. The quicker organisations and end users alike can evolve their identity and access security beyond passwords, the safer we’ll be as a society.”  

 

The polling also revealed a perception that organisations are lagging far behind nation states and cybercriminals in the ongoing CyberWar. Only 12% of respondents indicated that they believe organizations are currently ahead of countries and criminals. 

 

The survey also uncovered a range of opinions about the threat of artificial intelligence (AI) programs, with 34% stating that it’s still early days and current iterations are not truly AI while 22% indicated that an AI takeover is already here. Only 11% of those polled expressed confidence that AI will never take over.  

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...