Passwords are declining in popularity as people switch to more secure passwordless authentication methods.
This is according to the latest online authentication metric from FIDO Alliance Reportwhich collects insights into the state of online authentication globally.
Based on a survey of more than 10,000 consumers in the United Kingdom, France, Germany, the United States, Australia, Singapore, Japan, South Korea, India and China, FIDO estimates that The password (Opens in a new tab) Internet usage is down 5-9% year over year.
Passwords are still common
The study found that when logging into financial services, work computers and accounts, social media, streaming services, or smart home devices, people are more likely to use biometrics, or other convenient forms of authentication.
However, despite the decline, passwords are still the number one method in Online authentication (Opens in a new tab)despite the headache it causes.
Seven out of ten (70%) individuals have had to recover at least one password in any given month.
Service providers and retailers have also been affected, with more than half (59%) of people simply giving up access to online services.
Furthermore, 43% of people reported abandoning a purchase they intended to make online because they couldn’t remember their password.
As a result, the number of people who decided to keep their accounts logged in increased by 5%-11%.
But it’s not all bad news. FIDO reports that multi-factor authentication (MFA) through the use of one-time passcodes via SMS (OTP) has increased by 1%-4%. While the use of MFA text messaging presents its own problems, the rise may indicate that awareness of alternative security solutions for online accounts and data is beginning to enter the mainstream.
Passkeys, a new authentication method Apple introduced last summer, appears to have a high level of awareness among users, FIDO says. According to her data, 39% of people are familiar with the concept (it reaches 48% among people aged 18-34).
“People see entering passwords as a pain and they avoid it whenever they can,” said Andrew Shekiar, CEO and Marketing Director of the FIDO Alliance.
“Providers are aware of the inconvenience and security issues with passwords and offer more methods of authentication such as stay-logged cookies and/or legacy MFAs such as SMS OTPs.”
While staying away from passwords is a good thing, Shikiar noted that there is still work to be done before everyone is guaranteed more security online.
“However, these attempts at convenience and security still rely on outdated and deceptive authentication techniques that everyone needs to steer clear of if we ever want to stop the ongoing attack of data breaches.”
“All organizations must implement modern, anti-phishing authentication to their roadmaps, whether it be via on-device biometrics, FIDO security keys, or passkeys.”