Poor password security has long been a running theme in the technology world, despite repeated warnings from IT security professionals and high profile examples of what can happen when accounts are cracked by malicious third parties. A recent report from security firm Preempt found that 35 percent of users have weak passwords, while the other 65 percent are capable of being cracked. The Ponemon Institute in 2017 found that 35 percent of companies have a password policy but do not enforce it. If you do not enforce your password policy you are leaving yourself open to human error, which in IT security terms rarely ends well.
Social media is another area where poor password discipline has grown alongside the ubiquitous social network usage: according to a 2016 report by the University of Phoenix, 2 in 3 adults in the US say their social media accounts have been hacked, yet 53 percent of attendees at the RSA Security Conference in San Francisco confess they have not changed their social media passwords in over a year, with 20 percent admitting they have never changed their passwords at all.
This might all be about to change however, thanks to the Millennials generation. Millennials have an in-built familiarity with digital technology having never inhabited a world without it, and a couple of years ago they overtook Generation Xers, according to Pew Research, to become the largest section of the US workforce.
Thanks to their digital native outlook, Millennials look at cybersecurity differently. A new IBM study, “The Future of Identity”, has found that Millennials are shunning the traditional typed password in favor of biometrics plus also multifactor authentication and password managers to safeguard their digital lives. Using a password manager, they can securely store more complex passwords and change them regularly, rather than having a memorable password to use across multiple accounts.
Changing demographics, changing philosophies
One of the starkest revelations of the IBM report was that end-users do seem to be shifting from the long-held philosophy that “convenience is king” when it comes to digital identity and authentication. When logging into devices or services, users have now started to place greater importance on security over convenience. Hopefully the security message is getting through.
The IBM survey found that 67 percent of users in general are comfortable using biometric authentication today, with a slightly higher 75 percent of millennials saying they are comfortable using biometrics. 87 percent of users would consider using biometrics in the future.
Password choice and use remains an area of concern though, with fewer than 50 percent of people saying they use complex passwords – containing upper and lower case letters, special characters, numbers and punctuation marks – while 41 percent admit to reusing old passwords.
Biometrics – the time has come?
Using biometrics to replace passwords seems to be a case of a technology whose time has arrived. As the Millennials population continues to grow, traditional passwords are likely to be increasingly phased out. The average American consumer today has to manage 150 online accounts which need password access, a number that is forecast to double in the next couple of years. Biometrics can deliver both greater security and more convenience over time.
As with many technology trends, it is Asia Pacific that is leading the way. The IBM report found that 78 percent of APAC users are already comfortable with biometrics, in contrast with 65 percent of EU citizens and 57 percent in the US.
Impact on the enterprise environment
As the Millennial generation grows in number and their habits impact the workplace, enterprises will need to adapt. Passwords will likely not disappear from use altogether, but they will become rarer – meaning enterprises will need to integrate flexible platforms and risk-based approaches into their thinking when it comes to authenticating users. With older employees still slightly biometrics-averse, combining different methods in a multi-factor authentication approach that gives users more choices could be the way forward.
The global biometrics technology market has been forecast to grow pretty rapidly in the next few years, to a value of more than $24 billion by 2020, according to Grand View Research. Biometrics looks set to continue becoming a mainstream access technology. No longer having to remember multiple passwords will become a thing of the past and our new ways to log in will be all about our face, hands, voices and even eyes.
I’ve been writing about technology for around 15 years and today focus mainly on all things telecoms - next generation networks, mobile, cloud computing and plenty more. For Futurity Media I am based in the Asia-Pacific region and keep a close eye on all things tech happening in that exciting part of the world.