Enterprise Struggles and Trends in Customer Authentication Security
Organizations continue to rely heavily on passwords for customer authentication, despite widespread recognition that these methods are both insecure and detrimental to user experience. Research from Descope highlights a persistent gap between security leaders’ stated priorities and the authentication technologies actually deployed, with 87% of organizations still using passwords as a primary method. While most companies claim to use multi-factor authentication (MFA), coverage is inconsistent, leaving exploitable gaps for attackers. The transition to more secure options like passkeys is hindered by technical debt, resource constraints, and internal misalignment, even as over 70% of organizations plan to adopt such technologies.
Industry experts and practitioners are debating whether passwordless authentication is ready for widespread adoption or if it simply introduces new challenges. The evolution of identity management now includes managing non-human identities, implementing privilege access management, and adopting risk-based authentication. Security leaders are urged to align MFA, governance, and zero trust principles to resist account takeover and policy drift, but practical barriers remain in rolling out modern authentication at scale. The consensus is clear: while the future of authentication is moving beyond passwords, organizations face significant hurdles in making this transition both secure and user-friendly.

Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Story first reported
Initial story creation
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
The identity mess your customers feel before you do
helpnetsecurity.com
Open sourceThe Death of Passwords: The Future of Authentication
securitysenses.com
Open sourceIs Your Password Actually Safe Anymore?
securitysenses.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.


