A new report published by Cisco’s Duo Security, the multi-factor authentication (MFA) and secure access solution, confirms that enterprises are taking steps to move away from passwords and adopting low-friction authentication methods to protect the hybrid workforce. While the total number of Duo MFA authentications increased 39% in the past year, biometric authentications grew even faster at 48%.
The 2021 Duo Trusted Access Report analysed data from more than 36 million devices, over 400,000 unique applications and roughly 800 million monthly authentications from across Duo’s global customer base. It revealed how organisations across all industries are enabling work from anywhere, on any device, by implementing controls to ensure secure access to applications.
Four notable notes from the report include the fact that:
- Biometrics were enabled on more than 71% of Duo customer mobile phones, illustrating a rise in adoption driven by users’ growing acceptance of non-traditional authentication methods and the accessibility of passwordless hardware that they already carry in their pockets.
- Duo also saw a fivefold increase in Web Authentication (WebAuthn) usage since April 2019 when the World Wide Web Consortium (W3C) first published the open standard. WebAuthn enables biometrics to be securely stored and validated locally on the device, as opposed to a centralised database.
- Moving away from passwords will significantly improve the login experience for the vast majority of users – in turn leading to stronger security.
- More than half of organisations are planning to implement a passwordless strategy, according to the new survey of global IT decision makers conducted as part of the Trusted Access Report.
“We’ve now reached the point where the user experience is a security control in and of itself,” said Conrad Steyn, CTO for Cisco South Africa. “Enterprises are moving toward new, more effective ways of handling access control and seeing in action how democratising security can go a long way in enabling hybrid workers to focus on their core competencies without sacrificing security.”