Most Consumers Struggle to Remember Passwords

Many of us are eternally frustrated by our passwords. Experts recommend that we use a unique password for every account we have, use a combination of numbers (upper and lower case), letters and symbols, and most importantly, don’t write them down. For those of us without the memories of elephants, something’s got to give. While complex password may be locking criminals out of our accounts, they also appear to be locking us out of our accounts.

“The Future of Identity Report,” a new research study from the Entrust Cybersecurity Institute, surveyed global consumers to explore their experiences with passwordless authentication, hybrid identities, and ownership over personally identifiable information. The report reveals that consumers want more convenience when it comes to identity credentials.

The study indicates that, as far as consumers are concerned, passwords have outrun their course and it’s time to provide users a simpler, more secure way to validate their identity. In fact, with more digital services available than ever, consumers are actually struggling to recall an ever-growing inventory of password credentials, with 51 percent of respondents resetting a password at least once a month because they can’t remember it. (In addition, 15 percent of respondents said they need to reset passwords once a week.)

Consumers are seeking greater convenience and security, and biometrics appear to be poised to dethrone passwords. When given the option between biometrics or a password, 74 percent of respondents said they will choose biometrics half the time or more. A third will always choose biometrics when available.

“There’s no single or right way for organizations to authenticate customer, employee, or citizen identity,” said Mark Ruchie, Chief Information Security Officer at Entrust. “There is always a trade-off between providing relatively frictionless access experiences and incorporating safeguards that confirm users are who they claim to be. The authentication methods you employ can — and should — change depending on the sensitivity of data users are accessing, whether you’re serving customers or employees, or if atypical login behaviors are exhibited.”