Passwords are the problem!


By Frederic Klat | OneWelcome

For companies in regulated industries, offering a flawless online experience for your customers is more important than ever. Once a customer sets up an account on your site, you must do everything you can to make sure they can easily access their information. It all starts with a smooth yet secure login.

Why are passwords a problem?

Ideally, you want to offer a ‘just-in-time, just-enough’ login that does not intrude on the user journey or compromise security. This is why more and more companies are switching to passwordless.

So, why are passwords such a problem? Consider some of these statistics:

  • According to the UK’s National Cyber Security Centre (NCSC), 23 million online account holders worldwide use ‘123456’ as their password.
  • 90% of internet users are worried about getting their passwords hacked.
  • The average person has over 38 passwords.
  • More than 93% of healthcare organisations have experienced a data breach over the past three years.
  • 80% of hacking-related breaches are tied to passwords.

And these password-related weaknesses are not just a threat to your customers’ security and trust, they can also have devastating effects on your business:

  • An IBM study shows that each hacked record costs a company €150 on average.
  • According to Google, 61% of users are unlikely to return to a site on mobile if they had trouble accessing it and 40% visit a competitor’s site instead.
  • 83% of mobile users say that a seamless experience across all devices is very important.
  • About a third of online purchases are abandoned at checkout because the customer cannot remember their password.
  • 21% of users forget passwords after 2 weeks, and 25% forget a password at least once a day.

Let’s look more closely at what all this means—and why going passwordless is the secure, user-friendly Customer and Identity Access Management (CIAM) choice.

Passwords are conversion killers

Insurance companies deal with a lot of sensitive data. As a result, they usually set strict password complexity requirements, like a minimum length and which types of characters must be included. These requirements can be frustrating for some users, and remembering passwords can pose a major challenge for others. If a user is unable to log in to their account due to a password-related issue, there is no way for them to convert.

With new authentication methods like the ones offered by OneWelcome’s CIAM solution, you can offer your customers a more convenient, secure login experience—without ever asking for a password.

Passwordless: The best of both worlds

With the rise of Multiple Factor Authentication (MFA) in Europe, logging in is no longer just about what a customer ‘knows’ (their password). It’s often about what they have (their smartphone) or who they are (their fingerprint or face).

We’ve seen how unreliable and non-secure passwords can be. We also know that they are unpopular and frustrating to use. That’s why offering your customers the option to log in to their user environment without a password is an ideal solution, offering both convenience and security. But passwordless logins have to be implemented properly.

This is where OneWelcome Mobile Identity can help. It gives you everything you need, from one-click account creation & authentication using just email (and NO passwords) for low-security groups like anonymous prospects, to highly secure, banking-grade MFA using a combination of identifiers.

To enhance security, OneWelcome Mobile Identity comes with out-of-the-box features like push-to-accept login, biometrics, device memory, the option to add multiple devices for authentication and much more. And with our mobile SDK provided in different software languages, you have the flexibility to integrate our features into your own mobile app.

Passwordless login is quickly becoming the norm. Now’s the perfect time to explore what this new CIAM technology can do for your business.

In the whitepaper ‘How to go passwordless’, we will cover the business drivers for going passwordless and the state of current authentication solutions. In addition, we will share our view on the possibility of a completely passwordless world.