When we set up a new online account, we're supposed to follow the philosophy of using a unique password for every login. If we log into 15 different websites, not one should share the same authentication details. But most people using 15 online services have nine passwords, not 15, among every website, as noted by recent findings from Forrester Consulting commissioned by SecureKey.
The trouble with multiple passwords
While this habit has its problems, it wouldn't be so bad if more consumers could remember those nine passwords. Unfortunately, 66 percent of users forget passwords for sites that they don't regularly visit. After all, a one out of nine chance isn't great odds, particularly when many people primarily use only one or two of all their login credentials.
In turn, many people have to request password resets, call customer service or create a new account altogether – and that's only if they decide to stick with the service, rather than finding another one altogether, as happens with 16 percent of individuals frustrated by the whole authentication process. This creates additional vulnerabilities that fraudsters might exploit.
It's convenient, but is it secure?
Some websites have gotten around password recollection difficulites by using social sign-in, which helps users access otherwise little-used services by entering more common credentials. Services such as Facebook or Twitter provide regular access points for numerous users, since many people use these websites. However, neither are particularly secure, especially since both are devoted to sharing information. The same holds true across social media sites. With identity theft an ever-present risk, another method for securing our credentials may be necessary. One that's just as convenient but much more strongly protected.
Managing the issue through federated credentials
To address some of the problems related to passwords and the future of our digital identity, Andre Boysen, executive vice president of marketing at SecureKey, and Eve Maler, a principal analyst serving security and risk professionals at Forrester, will be holding a webinar based around embracing a federated consumer identity. Both speakers will discuss the role that a federated identity can have in enhancing how users engage with Web services by combining the convenience of social sign-in with more trusted and protected credentials, such as those created for online banking.
Traditional identity and access management systems aren't cutting it any more, but alternatives do exist and SecureKey is at the forefront of exploring those possibilities and providing them to businesses, as well as governments and health care providers. The days of the password aren't over, but just as the digital identity is changing, login credentials must change with it. Users are willing to try stronger authentication methods, and organizations should strive to fulfill that interest.
The webinar is scheduled for December 11 at 12:00 p.m. EST. Information and registration details can be found at https://info.securekey.com/consumer-identity-model.