Beyond Passwords: Advancing Identity Management with Device Authentication

Since the early days of computing, the use of passwords has been relied on as the primary method for authenticating users. Even today, 80% of businesses continue to trust passwords as a principle component of their enterprise security strategy. Broad evidence, however, suggests that overreliance on passwords is the weakest link in security effectiveness. According to EMA survey-based research, more than 60% of organizations experience a significant security breach each year and roughly 40% of these occurred directly because of a compromised password (Figure 1). Poor password controls are also a leading cause of other security violations, including malware attacks (e.g., virus, spyware, and ransomware infections), phishing attacks, and unauthorized access to business applications and data.

Beyond Passwords: Advancing Identity Management with Device Authentication