Story image

Biometrics vs passwords: How the generation gap is shaping workplace security

30 Jan 2018

Millennials are moving beyond the world of passwords and quickly embracing biometrics, leaving the older generations to continue carrying the password tradition, according to IBM Security’s Future of Identity Study.

75% of millennials are comfortable using biometrics, however fewer than half are using complex passwords and 41% reuse passwords. 34% use a password manager.

On average, those aged 55 and older use 12 passwords, however only 17% use a password manager. It is not clear from the study how people remember their passwords.

Millennials are also more likely to enable two-factor authentication after a breach (32%), compared to 28% of the general population.

IBM Security says that as younger employees dominate the workforce, organisations must be ready to adapt to the kinds of new technologies those employees bring in.

This could mean an allowance for increased use of mobile devices as the primary authentication device and integrating biometrics or tokens in place of passwords.

Asia Pacific respondents were the most open to biometric technologies. 78% are comfortable using biometrics today, compared to 65% of those in the European Union and 57% in the United States.

Fingerprint biometric technology is perceived as the most secure authentication method amongst all respondents (44%), followed by passwords (27%) and PINS (12%).

US respondents seem to be shunning the use of biometrics – 23% said they aren’t interested, which is almost double the global average.

“In the wake of countless data breaches of highly sensitive personal data, there’s no longer any doubt that the very information we’ve used to prove our identities online in the past is now a shared secret in the hands of hackers,” comments IBM Security A/NZ CTO Chris Hockings.

 “As consumers are acknowledging the inadequacy of passwords and placing increased priority on security, the time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behaviour and risk.”

Overall, security is now more important than the convenience factor – particularly as part of financial applications.

On average, 70% of all respondents rank security as the top priority for banking, investment and budgeting apps. 16% believe privacy is most important and 14% say convenience is most important.

Security also featured as a top priority for email, online marketplaces and workplace applications, however it is not so important for social media applications.

IBM Security says that organisations should recognise these preferences when choosing security solutions. Identity platforms that provide choices for multiple authentication options are able to provide flexibility and security.

The company also says that organisations can balance security and convenience by using risk-based processes that trigger additional security measures in certain situations, such as if an IP, device or location signal abnormal activity.

The 15-minute online survey totalled responses from 3,977 adults across the United States (U.S.), European Union (EU) and Asia-Pacific (APAC) regions, including:

•   APAC: 997 respondents (Australia, India, Singapore)

•   U.S.: 1,976 respondents

•   EU: 1,004 respondents (United Kingdom, France, Italy, Germany, Spain)

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.