Password Fatigue: A Case for Multilayered Passwordless Authentication

For years, security practitioners have argued that passwords need to be retired because they are easily cracked, and consumers often use weak, reused passwords. Yet reluctance persists, as passwords have become standard among consumers when it comes to authentication. But efforts to keep passwords alive have now pushed them into a realm of friction for consumers, as mandates for password length, frequency of password changes, and limitations of password managers across platforms and operating systems have made even their use cumbersome for consumers. This trend is a positive sign for cybersecurity, and Javelin predicts that 2024 will finally be the tipping point for passwordless authentication. 

This Javelin Strategy & Research report reviews how financial institutions can enhance account security and reduce fraud by changing authentication standards away from passwords and instead implementing multilayered authentication protocols, which include the use of biometrics, behavioral and device analytics, and static document verification. This report further explains how, through data collection transparency and education, FIs can keep consumers safe and build trust. 

Key questions discussed in this report:

• Are passwords really that unsafe? 
• What authentication methods are more effective than passwords? 
• How can FIs transition consumers toward passwordless authentication?