Younger people put security before convenience in apps and devices, and put more weight on biometric security measures than on traditional password hygiene, according to a study that examines the changing nature of IT Security. The global research, published by IBM, examines the way people are approaching security and online identity protection in a fast changing digital environment.
Millennials (aged 20-36) are likely to embrace technological solutions to security, such as fingerprint readers, facial scans and voice recognition, in the face of a growing tide of threats to their digital identity. The study showed that 67 percent are comfortable using biometric authentication today, while 87 percent say they’ll be comfortable with these technologies in the future. Asked to rank priorities for logging into applications, they placed security at the top, especially for money-related apps.
Other results suggest that millennials may be moving beyond passwords. While 75 percent of them are comfortable using biometrics today, under half use complex passwords, and 41 percent reuse passwords, perhaps not surprising given that the average internet user in America is managing over 150 online accounts that require a password. Older generations showed more care with password creation, but were less inclined to adopt biometrics and multifactor authentication.
Changing attitudes are probably driven by the changing nature of threats, after several high profile attacks that exposed flaws in traditional log-in methods that rely heavily on passwords and personal information to authenticate users’ identities. In 2017, data breaches exposed personal information, passwords, and even social security numbers for millions of consumers. “There’s no longer any doubt that the very information we’ve used to prove our identities online in the past is now a shared secret in the hands of hackers,” said Limor Kessem, Executive Security Advisor at IBM Security. “The time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behaviour and risk.”
The survey also examined consumers’ opinions around the security of various login methods, and found that certain types of biometrics were viewed as more secure than passwords, yet security and privacy remain top concerns when it comes to adopting biometrics. People’s biggest concerns with biometric authentication were privacy, and security.
The report reveals several differences in generational viewpoints when it comes to securing their online identities. As millennials become the largest age group in the workplace, this could reshape the way companies need to approach IT Security policies. Older adults displayed better habits when it came to password creation, yet younger generations were more inclined to adopt password managers, biometrics and multifactor authentication as a way to secure their online accounts. This could be an indication that younger generations have less confidence in passwords and are instead looking to alternative methods to secure their accounts.
Only 42 percent of millennials use complex passwords that combine special characters, numbers and letters compared to half of those 55 years of age and older, and 41 percent reuse the same password multiple times. Millennials were however more likely to enable two-factor authentication in the wake of a breach.
Summarising their report, IBM note that younger generations are placing less emphasis on traditional password hygiene, which they say poses a challenge for employers and businesses that manage millennial users’ access to data by using passwords. As the percentage of millennial and Gen Z employees continues to grow in the workforce, organizations and businesses can adapt to younger generations’ proclivity for new technology by allowing for increased use of mobile devices as the primary authentication factor and integrating approaches that substitute biometric methods or tokens in place of passwords. In a changing security world it seems that users are adapting their approach.