There are many complex challenges in today's constantly changing IT security environment.

The growth of working from home and mixed work poses challenges for IT teams and users. Users want to work anywhere and on any device, and IT is often overburdened when trying to solve and simplify access problems. This may prompt people to abandon password authentication, providing a welcome relief for frustrated users and tired IT and network administrators.

For workers, customers, and anyone else who must log in to networks and computer assets, passwords may represent the most common and unsatisfactory security experience. As the SANS Institute points out, "Not only do people feel overwhelmed by all the different and complex rules of how to use passwords, but they are also very simple about the numbers they have to manage."

This leads to less than ideal security practices, such as reusing common and easy-to-guess passwords and writing down passwords that others can view. Password management takes up countless hours, and IT and network administrators need to spend time helping users who forget their passwords and lock their accounts after multiple attempts.

Although this may seem counterintuitive, fewer passwords and less reliance will actually make devices, corporate networks, and cloud services more secure.

With more and more devices and services that need to log in, especially considering the rise of remote work, some individual users either rely on insecure practices, such as using the same password for multiple devices and services, or constantly requiring the call station to be at They get locked out.  

To improve the security of passwords, multi-factor authentication (MFA) requires users to provide a second form of identification to gain access, such as codes, push notifications, or biometric technology (such as fingerprints, voice, or retinal images) to identify the person.

A recent report by Cisco Duo Security confirmed that companies are taking steps to get rid of passwords and adopt low-friction authentication methods to protect the mixed workforce.

Data analysis of more than 36 million devices, more than 400,000 unique applications, and approximately 800 million monthly identity verifications from Duo’s global customer base found that Duo MFA identity verification has increased by 39% in the past year, while biometric identity Verification grew faster, reaching 48%.

The Duo Trusted Access Report states: “Certain authentication methods are more user-friendly than others.” “Remembering hundreds of passwords longer than 20 characters can be daunting. Password manager applications can Help streamline the process, but MFA or biometric security can provide more help.”

Authentication using methods such as WebAuthn eliminates the need for users to keep a large number of authentication password caches by acting as the first and second factors. Since its introduction by the World Wide Web Consortium (W3C) as an open standard in April 2019, Duo has observed a five-fold increase in WebAuthn, which enables biometrics to be stored and verified securely locally on the device instead of a centralized database.

Most users already have the hardware required for passwordless authentication in their pockets-more than 71% of Duo customer phones have biometrics enabled. Given that the required tools are readily accessible, Duo also found that more than half of organizations are planning to implement a password-free strategy.

The password-free future is closer than ever, and the reward for organizations is that the use of more user-friendly authentication will bring greater security.

"We have now reached the point where the user experience itself is a security control," said Dave Lewis, Chief Information Security Officer, Cisco Global Consulting. "Businesses are turning to new and more effective methods of handling access control, and seeing in action how democratizing security can go a long way in allowing mixed workers to focus on their core capabilities without sacrificing security."

Duo is part of Cisco's industry-leading zero-trust solution that provides secure access to any user, from any device to any IT application or environment.

To learn more about the road to a password-free future, please visit duo.sc/pwless-info.

Pete Bartolik has been researching and writing articles about technology and vertical market segments for many years, and has participated in many market research, writing and social media projects. He is a news editor for the IT management publication Computerworld and a reporter for a daily newspaper.

Copyright © 2021 IDG Communications, Inc.

Copyright © 2021 IDG Communications, Inc.