Passwords are declining in popularity as people switch to more secure passwordless authentication methods.
This is according to the latest FIDO Alliance Online Authentication Barometer report (opens in a new tab)which collects information on the state of online authentication around the world.
Based on a survey of over 10,000 consumers in the UK, France, Germany, US, Australia, Singapore, Japan, South Korea, India and China, FIDO estimates that password (opens in a new tab) Internet use declined by 5-9% year-on-year.
Passwords still popular
The study found that people are more likely to use biometrics or other convenient forms of authentication when logging into financial services, work computers and accounts, social media, streaming services or smart home devices.
However, despite the decline, passwords are still the number one online authentication method (opens in a new tab)despite the headaches they cause.
Seven out of ten (70%) people have had to recover at least one password in any given month.
Service providers and retailers have also been affected, with more than half (59%) of people simply opting out of online services.
In addition, 43% of people reported abandoning a purchase they intended to make online because they forgot their password.
As a result, the number of people choosing to stay logged into their accounts increased by 5%-11%.
But that’s not all bad news. FIDO reports that the use of multi-factor authentication (MFA) via SMS one-time codes (OTP) has increased by 1%-4%. While the use of text messaging in MFA comes with its own problems, the increase may suggest that awareness of alternative security solutions for online accounts and data is starting to go mainstream.
Passkeys, a novel authentication method introduced by Apple last summer, appears to have a high level of awareness among users, FIDO further stated. His data shows that this concept is familiar to 39% of people (in the 18-34 age group as much as 48%).
“People see entering passwords as a chore and avoid it whenever they can,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance.
“Service providers are aware of the inconvenience and security issues with passwords and are offering more means of authentication such as cookies to stay logged in and/or legacy MFAs such as SMS OTP.”
While giving up passwords is a good thing, Shikiar noted that there is still a long way to go before everyone is guaranteed to be safer online.
“However, these attempts at convenience and security still rely on outdated and easily phishing authentication technologies that everyone must move away from if we are ever to stop the ongoing onslaught of data breaches.”
“All organizations should implement modern, phishing-resistant authentication in their plans, whether it’s via on-device biometrics, FIDO security keys, or passkeys.”