| Publisher | Cybersecurity Insiders |
| Year | 2023 |
| Publishing Frequency | Yearly |
| Cost | Free, Login Required |
| Topics | Credentials, Passwords, Login Security, Authentication |
Overview
The HYPR’s 2023 State of Passwordless Security report reveals that organizations are eager for change but hesitant to take action. However, the consequences of inaction, such as security risks and business impacts, are becoming increasingly apparent.
Passkeys are emerging as a solution, offering a phishing-resistant, user-friendly, and scalable alternative to passwords. This presents options for various use cases, such as consumer services benefiting from syncable passkeys and enterprise security teams opting for device-bound passkeys.
The change towards passwordless authentication will be driven by employees and customers who expect a simple login experience. While the transition will not happen overnight, it marks the beginning of a new era. Passkeys will evolve based on market response, leading to improved iterations and the development of implementation best practices.
Organizations that embrace these phishing-resistant systems early will be in a strong position, not just in terms of security but also in terms of the efficiency gains brought by a simplified user experience.
The annual State of Passwordless Security Report provides insights for organizational leaders and those involved in IT and security. Passwordless technology was relatively unknown in the past, and insecure passwords were accepted as a burden. However, high-profile breaches of companies like Uber and Cisco, despite having multi-factor authentication, have highlighted the vulnerability of traditional authentication methods.
The Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to deploy phishing-resistant passwordless multi-factor authentication based on FIDO standards. The report includes detailed research and analysis conducted by Vanson Bourne, exploring cyber threats, perceptions about authentication security, current authentication practices, and the impact of passwordless authentication.
