Should Passwords be a thing of the past?
How many times have you forgotten your password and had to go through the process of resetting it? The same old security questions have you digging around your memory bank for your first teacher’s name. And you can guarantee it always happens at the most inconvenient time. In my opinion forgotten passwords are one of the greatest bug bears that frustrate users of IT and as a result impacts the user experience. The pace of technology advancement and transformation has been accelerating and continues to accelerate at pace, and password resets still account for a large proportion of calls to IT Service Desks, taking up valuable time for both the user and Service Desk. So why do many organisations still live with this password problem?
I read an article on the BioConnect website which suggested that between “20% and 50%” of all IT Help Desk calls were for password resets” and on “average it costs an [US] enterprise $70 for a single password reset”. That’s a lot of cost and use of talent which could be used doing something more valuable to the business, also not to mention the number of productive hours lost by the user.
Over the last few years technology has advanced and the introduction of Biometrics has improved the situation a lot, yet the problem of forgotten passwords remains a tale as old as time.
So, with that in mind, why haven’t we eliminated passwords altogether? After all the phrase, “Prevention is better than cure” [often attributed to the Dutch philosopher Desiderius Erasmus] feels apt in this situation. The future is password-less as it must be and this will undoubtedly improve user experience, security and reduce calls to IT Service Desks. According to Gartner, “by 2025, more than 50% of the workforce and more than 20% of customer authentication transactions will be passwordless”
Right now, IT specialists need to exploit the capabilities available to us today such as Windows Hello for Business and the further adoption of Biometrics to reduce the password burden. Alongside this, we must prepare for user hesitancy as biometrics can be controversial. Some will celebrate the removal of passwords whilst others will be late adopters of new technologies that often appear intrusive.
I know that I will be kicking passwords out the door as soon as technologies are fully established to replace the traditional security processes. But for now, we continue to encourage strong and safe passwords for our customers. We support their tireless log in issues, and we seek to educate on password best practice.
We won’t solve the forgotten password issue alone, but we move towards a passwordless future that will free up time and resource once again.
Take 3 Steps Toward Passwordless Authentication (gartner.com) (Gartner subscription needed)
Paul Jones, Chief Information Officer