Most firms still use standard username and password logins, placing them at risk of attack from crafty hackers, a report has warned.
Furthermore, these "antiquated" authentication methods make matters complex for workers, requiring them to remember various passwords, the Symantec-sponsored Forrester research showed.
Almost 90 per cent of users are required by their employer to remember two or more passwords, the survey of hundreds of global businesses revealed.
Even when it comes to partner access, 67 per cent of companies were found to not use two-factor authentication to protect their corporate networks.
Over half of companies polled admitted to having suffered one data breach in the past year, yet many businesses still rely on old authentication.
"The IT landscape is changing so dramatically and so rapidly that one in four organisations are requiring users to remember six or more passwords to access corporate networks and applications and as this Forrester study shows, that approach to authentication is collapsing under its own weight," said Atri Chatterjee, vice president of User Authentication at Symantec.
"As enterprises continue to open up, strong authentication can help keep the bad guys out."
A number of recent cases have highlighted the dangers of solely relying on username and login authentication.
Gawker Media admitted last month that passwords were stolen in a hack on its user databases. It subsequently recommended users change their passwords for any Gawker websites.
-
The NCSC wants you to start using password managers and passkeys – here’s how to choose the best optionsNews New guidance from the NCSC recommends using passkeys and password managers – but how can you choose the best option? ITPro has you covered.
-
I love magic links – why aren’t more services using them?Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
-
Password management startup Passbolt secures $8 million to shake up credential securityNews Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrencyNews The hackers behind the LastPass breach are on a rampage two years after their initial attack
-
GitHub launches passkeys beta for passwordless authenticationNews Users can now opt-in to using passkeys, replacing their password and 2FA method
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectorsNews Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
-
No, Microsoft SharePoint isn’t cracking users’ passwordsNews The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacksNews The added layer of complexity aims to keep social engineering at bay
