Passwords have a decade of life left in them, survey shows

Networking's worst security construct isn't going anywhere soon as phase out could take 10 years

I hope you can hold a grudge.

Most cybersecurity pros expect passwords to be around for the next 10 years, according to a Wakefield Research survey performed in conjunction with authentication vendor SecureAuth.

In the survey of 308 full-time cybersecurity IT employees, 91 percent believe that the traditional password will not exist in 2025. By comparison, other things made obsolete by better technology in 2025 will include car mirrors, plastic credit cards, cords and chargers, and dedicated remote controls, according to PC Magazine.

Cyber attacks over the past few years, however, have pushed the password to the top of the loathing scale and exposed the knuckleheads who create them.

While passwords might not disappear for another 10 years, decay is evident. Use of a password as a security boundary will shrink, and will do so at a faster rate when the accounts are owned by privileged users - such as admins - or to protect sensitive resources. Passwords also may be relegated to simple PINs used to unlock a device or to signal a desire for access to a resource, followed by a stronger form of authentication.

Last week's Gartner Identity and Access Management Summit was peppered with evolving authentication practices and technologies, such as risk-based, contextual and adaptive authentication. These ideas combine analytics and technologies to build access controls around resources, often times on the fly. Multi-factor authentication and the overall topic of trust - who, when and where - were also hot topics.

The staying power of the passwords has been in decline for years so another decade seems like an eternity. In 2013, Deloitte Canada said 90 percent of user-generated passwords would be relevant for mere seconds under pressure from hackers. Actually, that might not seem half-bad considering Internet response times are often measured in milliseconds.

Yet, the password still has 10 years left for abuse by hackers. What's the gating factor to a shorter timeframe? End-user training, complexity and user experience are three common factors.

In the Wakefield survey, 87 percent admit their company is frequently forced to choose between user experience and greater security. The good news is 97 percent of respondents believe new authentication techniques are reliable, such as fingerprint scans or two-factor authentication.

That's a start and hopefully a good enough one to be hopeful in 2025.