Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today debuted The Passwordless Future Report, which demonstrates how passwords negatively impact the security of organisations and mental health of employees. The research, which surveyed 4,000+ workers across the UK, France and the Netherlands, also found that there is a readiness for passwordless security methods such as biometrics, with 70% workers believing biometrics would benefit the workplace.
Dr. Maria Bada, Research Associate, Cambridge University said, ‘’Okta’s research clearly showed that employees can experience negative emotions and stress due to forgetting a password and that can impact not only their career but also their emotional health. And this is not due to forgetting a password but due to using an insecure method to remember passwords. Biometric technology can be promising in creating a passwordless future, but it’s essential to create an environment of trust, while ensuring privacy and personal data protection.’’
Passwords are the ideal targets for cyber crime
The majority of hacking-based breaches are a result of reused, stolen or weak passwords. Okta’s research found that in total, 78% of respondents use an insecure method to help them remember their password and this rises to 86% among 18-34 year olds. Some of these memory aids include:
o 34% use the same passwords for multiple accounts
o 26% write them down on paper
o 17% type them on their phone or computer
o 6% use well-known passwords
Dr. Bada said, “Passwords are often quite revealing. They are created on the spot, so users might choose something that is readily to mind or something with emotional significance. Passwords tap into things that are just below the surface of consciousness. Criminals take advantage of this and with a little research they can easily guess a password.”
Passwords impact mental health in the workplace
Anxiety is on the rise in the workplace due to several factors, but security is one that has flown under the radar. The Passwordless Future Report found that 62% of respondents feel stressed or annoyed as a result of forgetting their password. This was highest in the UK (69%), compared with France (65%) and the Netherlands (53%). The average worker must remember a total of 10 passwords in everyday life which evokes negative emotions in two-thirds of respondents (63%).
Dr. Bada said, “The potential impact from forgetting a password can cause extreme levels of stress, which over time can lead to breakdown or burnout. That is due to our brains being sensitive to perceived threats. Being constantly focused on potential threats online causes us to become hypersensitive to stress. In the long term that can cause mental health problems.”
The future is passwordless
By combining methods such as biometrics and machine learning with strong authentication, organisations can remove inadequate gateways like passwords altogether.
A staggering 70% of respondents feel there are advantages to using biometric technology in the workplace. This is the highest in France (78%) and with 18-34 year olds across all regions (81%). Almost one-third (32%) feel that biometric technology could make their day-to-day life easier or reduce their stress and anxiety levels in the workplace. However, 86% of respondents have some reservations about sharing biometrics with their employers, demonstrating that workers are ready for the ease of use, but do not trust organisations to protect their data.
Todd McKinnon, CEO and co-founder of Okta concluded, “At Okta, we believe deeply in the potential for technology, and that for organisations of all sizes and industries attempting to become technology companies, trust is the new frontier. Today, businesses need to adopt technology that enables them to innovate quickly, while prioritising the security, privacy, and consent controls that help them to be trusted. Passwords have failed us as an authentication factor, and enterprises need to move beyond our reliance on this ineffective method. In 2019, we will see the first wave of organisations going completely passwordless and Okta’s customers will be at the forefront.”