San Francisco – Okta Inc., one of the world’s leading independent identity partners, has unveiled its latest international Secure Sign-In Trends Report. Examining billions of monthly workforce customer logins across 16 different industries worldwide, the report reveals that the use of multi-factor authentication (MFA) has almost doubled since 2020 and that phishing-resistant authenticators represent the best choice in terms of both convenience and security for users.
Todd McKinnon, co-founder and CEO of Okta, says the company is working hard to help its customers’ zero trust security strategies by adopting innovations such as phishing-resistant MFA and passwordless authentication. Sharing data on customer adoption of these technologies, McKinnon adds, can drive further progress with governments, Okta’s partners, and its customers worldwide.
The Okta study uncovers several key trends, including:
• 90% of Okta administrators and 64% of its users signed in using MFA during January 2023.
• The fastest and most reliable user experiences come from sign-in methods offering excellent phishing resistance (Okta FastPass and FIDO2 WebAuthn).
• The technology sector is best placed to move to a passwordless future, with adoption rates of MFA already hitting 87%; insurance (77%), professional services (75%), construction (74%), and media & communication (72%) make up the remaining top five industry adopters. Surprisingly, highly regulated industries tend to lag behind.
• MFA adoption by Okta’s workforce customers jumped from 35% to 50% in two months between February and March 2020.
• Companies with fewer than 300 employees (79%) are ahead of enterprises with more than 20,000 employees (54%) in terms of MFA adoption.
Multi-factor authentication adds an extra layer of security on top of login credentials such as passwords. With more than 80% of business web-application attacks and almost 50% of all business email compromise attacks resulting from unauthorized logins that use stolen usernames and passwords, MFA provides a safer way of verifying user identity before granting access to an application or online account. To maintain the necessary level of security, MFA verifies multiple types of information or factors to gain access to an account or application.
One potential setback to widespread MFA adoption is an increase in sophisticated MFA bypass attacks, which are prompting many organizations to evaluate the need for phishing-resistant authentication flows. According to the report, using phishing-resistant authentication techniques such as Okta FastPass or FIDO2 WebAuthn offers the best combination of user experience and security. While many decision-makers believe they must “trade off” security and convenience, the Okta study finds that on average, using passwordless, phishing-resistant authenticators saves time and is less prone to failure than using passwords.
The Secure Sign-In Trends Report, which was built from data of direct MFA authentication events recorded in the Okta Workforce Identity Cloud (WIC), was built using anonymized and aggregated data from billions of monthly authentications and verifications across countries worldwide. Okta enterprise customers and their employees, contractors, partners, and customers use the solution to securely log in to devices, websites, apps, and services and to leverage security features to protect their data. Okta spans every major industry and varies in size, from small businesses to some of the world’s largest organizations, with hundreds of thousands of employees and millions of customers.
The full report is available at Okta’s website.