Passwords are Failing Even Harder in the Remote Work Era
August 25, 2021
August 25, 2021
According to Verizon’s 2021 Data Breach Investigations Report, 45% of data breaches in 2020 involved hacking, and over 80% of those hacking breaches involved brute force or the use of lost or stolen credentials.
COVID-19 has changed the way we work and hackers are loving it. Statistics from the Ponemon Institute’s Cybersecurity in the Remote Work Era report show that 60% of mid-sized businesses (250-5,000 employees) that had asked their employees to work remotely experienced a cyberattack in the last year; 56% of those experienced credential theft, and 48% experienced social engineering, such as phishing.
Employees working remotely is the new normal, and the change happened quickly.
Change in remote work trends due to COVID-19 in the United States in 2020 (Statista)
The future of work can’t afford to rely on passwords
A report by the World Economic Forum outlines four major benefits of going passwordless:
- Higher revenues, lower costs
Cybersecurity has been traditionally perceived as a cost centre, so the financial consideration is perhaps the most notable reason why companies should consider transitioning to passwordless authentication. Not only does it lower costs associated with password management and data breaches, it actually improves revenues through increased productivity and customer ratings.
- Better User Experience
Passwordless authentication is seamless. It emulates the way in which human beings have recognized each other for millennia: by looking for either identifying belongings or personal traits, such as uniforms, height or body shape. In other words, passwordless authentication is becoming a competitive differentiator, and a key consideration for digital transformation leaders. It is the entry door to an online service.
- Interoperability Unlocks Value
Interoperability is made possible by standards. The FIDO Alliance24, an open industry association and a prominent passwordless advocate, has created open standards for passwordless authentication to online and mobile services. Its most prevalent standard, FIDO2, was developed with the World Wide Web Consortium (W3C) and became a web standard in March 2019. (Learn more about Acceptto’s FIDO solution here)
- Fewer Passwords, Greater Security
When companies transition to passwordless solutions, they considerably reduce their exposure to data breaches. Contrary to companies that store their customers’ passwords on their servers, passwordless solutions require no personal information to be stored for authentication purposes. When authentication is performed on the user side, no personal information is transmitted over the internet, making man-in-the-middle attacks virtually impossible.
Request a demo of Acceptto’s Passwordless Continuous Authentication here.