Okta, an independent identity partner, has released its international Secure Sign-In Trends Report, revealing there had been a nearly twofold increase in the adoption of multi-factor authentication (MFA) since 2020. The findings also highlight that when it comes to security and user convenience, opting for phishing-resistant authenticators is the most favorable choice. It added that 90% of Okta administrators and 64% of users signed in using multi-factor authentication (MFA) during January 2023.
The report also found that sign-in methods with the highest phishing resistance, such as Okta FastPass and FIDO2 WebAuthn, provide the fastest and most reliable user experience. More than 80% of business web application attacks and almost half of all business email compromise attacks result from stolen usernames and passwords, which is why MFA is a crucial security measure that provides greater certainty that the user is who they claim to be before granting access to an application or online account.
The report shows that the technology industry is best positioned to move towards a passwordless future, with 87% of account logins already using MFA. Industries with high adoption rates of MFA include insurance (77%), professional services (75%), construction (74%), and media and communications (72%). Surprisingly, highly regulated industries tend to lag behind. Okta’s workforce customers’ MFA adoption jumped from 35% to 50% in two months between February and March 2020. Furthermore, organizations with fewer than 300 employees exceed the MFA use of enterprises with more than 20,000 employees.
Todd McKinnon, co-founder and CEO of Okta, said that the company is advancing its customers’ zero trust security strategies by helping them adopt innovations such as phishing-resistant MFA and passwordless. By sharing data on customers’ adoption of these critical technologies, greater progress can be achieved with governments, partners, and customers. The report concludes that MFA adds an extra layer of security on top of credentials like passwords, which are highly susceptible to abuse. MFA verifies identities by asking users to provide different types of information or factors to gain access to an account or application.
