February 28, 2018 By Cassy Lalan 2 min read

The death of the password has been rumored for years, but to this day it remains the primary way we identify ourselves online, with the average user now managing well over 100 accounts that require a password. Yet changing tides in the cybersecurity landscape, combined with evolving technology and consumer preferences, indicate that the end of the password era may finally be at hand.

Consumers Embrace Alternatives to Password Protection

In the wake of countless data breaches, consumers are becoming increasingly security-aware and open to changes in the way they identify themselves online. In a recent IBM Security study, respondents ranked security as their top priority over convenience when logging in to the majority of applications.

As options such as biometrics, multifactor authentication (MFA) and password managers become more advanced, consumers are already starting to move beyond password-only approaches and embrace a new future of identity. The IBM study found that fingerprint scans are seen as the most secure method of authentication. In addition, 67 percent of consumers are using biometric authentication today, while 87 percent said they’d be open to this technology in the future.

Millennials, currently the largest generation in the U.S. workforce, are at the forefront of driving these changes. With a stronger preference for convenience, younger generations are the most likely to embrace biometrics. They are also twice as likely as older generations (ages 55+) to use a password manager to lock down their accounts.

‘Today’ Takes a Closer Look at the Future of Identity

NBC’s Tom Costello recently joined IBM X-Force experts at the Cyber Range in Cambridge, Massachusetts, to discuss why password-only approaches are becoming obsolete and what the future may hold in terms of how we prove our identities online.

Check out the full “Today” segment, along with tips to protect yourself online:

To learn more about consumer trends around identity and access, check out IBM’s “Future of Identity Study.” You can also get highlights and additional analysis from this podcast and blog series.

Read the complete “IBM Future of Identity Study”

More from Identity & Access

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today