Study: Businesses That Eliminate Passwords Report Better Business and Security Outcomes

Research finds organizations using passwordless technologies experience the fewest phishing attacks, are more productive and achieve greater levels of employee satisfaction  

NEW YORK CITY and STOCKHOLM, Sweden, Nov. 16, 2023 (GLOBE NEWSWIRE) -- HYPR, The Identity Assurance Company, and Yubico (NASDAQ: YUBICO), the leading provider of hardware authentication security keys, have published a new study on challenges, perceptions and outcomes in the usage of password and passwordless authentication technologies. The report, titled “Transcending Passwords: The Next Generation of Authentication” exposes the profound business impact of authentication practices, with consequences for security, productivity and employee retention. Findings show that organizations that employ FIDO-based passwordless authentication technologies are least likely to be victims of phishing attacks, cut authentication times by 75%, and measurably reduced their IT service desk burden.

The study, based on a commissioned survey of 312 cybersecurity IT leaders and end users conducted by Enterprise Management Associates (EMA), reveals the strain that insecure and cumbersome authentication processes place on organizations, as well as their readiness to turn to passwordless solutions.

"Our independent and objective research findings confirm that we have reached an inflection point in authentication solutions driven by broad recognition that reliance on traditional passwords is no longer sustainable," noted Chris Steffen, vice president of research at EMA. "It is an honor to have our comprehensive evaluation sponsored by two of the leading voices responsible for redefining how we think of and define identity security."

The vast majority of surveyed businesses (82%) reported breaches, including compromised credentials and successful phishing attacks. Employee behavior likely played a role as 68% of respondents admit to violating corporate password policies. Organizations must be careful, however, in turning to security controls that introduce friction — 65% of users say they would be motivated to change employers if presented with high-friction authentication processes. Notably, the majority of IT managers recognize that the adoption of passwordless authentication will prevent most, or all, security breaches and those that have adopted FIDO-based technologies report the highest satisfaction rates with authentication processes.

“This new data highlights that there is broad consensus that passwordless authentication, specifically FIDO-based technologies, are the way forward,” Bojan Simic, CEO of HYPR. “Phishing-resistant passwordless solutions cut off the most common avenues of attack while providing a user experience people want to use.”

Key findings from the study include:

  • 91% of workers still rely on passwords as a primary form of authentication.
  • On average, business users authenticate ten times each day to access the business applications, data, and IT services they require to perform job tasks.
  • On average, business users take four times longer to authenticate with a traditional password and an OTP verifier than with FIDO-based authenticators (mobile or security key).
  • Businesses that have adopted FIDO-based technologies reported the highest satisfaction rates with their authentication processes
  • 82% of surveyed businesses reported IT security breaches occurred in their organizations in the last year, including compromised credentials and successful phishing attacks
  • Organizations using FIDO-based mobile authenticators or security keys as a primary authenticator were least likely to have been victims of a phishing attack
  • 100% of business that have adopted FIDO standards reported significant quantifiable improvements, including increased security effectiveness, reduced help desk tickets, reduced password resets and improved user experiences

“Organizations want to move to passwordless, phishing-resistant authentication; it’s a matter of charting their course to get there,” said Josh Cigna, solutions architect at Yubico. “That’s where our partnership with HYPR comes in. Through our joint Yubico-HYPR solution, organizations can easily deploy both hardware and software FIDO authenticators, giving them flexibility and choice across the enterprise.”

EMA will be discussing the study results and implications in a webinar on November 16, 11 AM PT | 2 PM ET. Register here»

To read the full report, please visit:

A blog post with additional context on the study can be found here.

Learn more about the HYPR | Yubico passwordless authentication solution:

About Yubico

Yubico (Nasdaq First North Growth Market Stockholm: YUBICO) is the inventor of the YubiKey, a hardware security key that is the gold standard in phishing-resistant multi-factor authentication (MFA). Yubico’s solutions offer organizations and users deployment expertise and operational flexibility as YubiKeys work across hundreds of consumer and enterprise applications and services.

Yubico is a creator and core contributor to the FIDO2/passkey, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries. For more information, please visit:

About HYPR

HYPR, the Identity Assurance Company, helps organizations create trust in the identity lifecycle. The HYPR solution provides the strongest end-to-end identity security, combining modern passwordless authentication with adaptive risk mitigation, automated identity verification and a simple, intuitive user experience. With a third-party validated ROI of 324%, HYPR easily integrates with existing identity and security tools and can be rapidly deployed at scale in the most complex environments. Additional information is available at


Fabienne Dawson

Yubico Communications Team