Not having a password may be safer: WEF study

Freeing ourselves of passwords will make individuals businesses more efficient


According to a new report released by the World Economic Forum during its 2020 annual meeting, freeing ourselves of passwords will actually make individuals safer and businesses more efficient. 

Cybercrime is set to cost the global economy USD 2.9 million every minute in 2020, and some 80 per cent of these attacks are password-related.

It is safer not to have a password as weak or stolen passwords account for an average of four out of five global data breaches.

Knowledge-based authentication whether with PINs, passwords, passphrases, or whatever we need to remember is not only a major headache for users, it is costly to maintain, the study found.

For larger businesses, it is estimated that nearly 50 per cent of IT help desk costs are allocated to password resets, with average annual spend for companies now at over USD 1 million for staffing alone.

"Passwordless authentication does not mean removing all security barriers to our digitalized society. It means harnessing tools such as artificial intelligence and machine learning to save users time and save company money," the WEF said.

With the growing availability of biometrics and next-generation technology, consumers are demanding a better digital experience while wanting to be secure online," said Adrien Ogee, Project Lead, Platform for Shaping the Future of Cybersecurity and Digital Trust, World Economic Forum. Better authentication practices are not just possible they are a necessity.

The report, produced in collaboration with the FIDO Alliance, has suggested five top passwordless authentication technologies, ready for implementation by global companies. They are biometrics, behavioural analytics, zero-knowledge proofs, QR codes and security keys.

"Relying on passwords as the primary means for authentication no longer provides the security or user experience that consumers demand," said Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance.

The path forward is with standards-based, cryptographically secure authentication that keeps login info secure and private, while providing a fundamentally better user experience. 

(with inputs from PTI)