On average, it costs an enterprise $70 for a single password reset. Large US-based organizations allocate over $1 million annually for password-related support costs according to Forrester. From the user’s perspective, a forgotten password can be extremely frustrating and time consuming. Increasingly complex password rules and dozens of account profiles all add to the frustration.
High Support Costs
Resetting a password may seem like an insignificant task but it costs organizations time and resources. Gartner found that between 20%-50% of all IT help desk calls are for password resets, and range from 2-30 minutes to fix. In a US-based survey, 37% of the users reported having more than 50 password resets in a single year. As they remain the most common method of user authentication, forgotten passwords will always be a persistent problem. They will continue to need costly support if the issue is not properly addressed.
When a user is left locked out from a forgotten password, they are no longer productive. Multiply this issue by all of the employees in a single company and the costs add up. Additionally, during non-business hours, help desk services may not be available, blocking users from accessing their apps, data and other tools. Think about the cost of missed opportunities and work from wasting productive time!
Data Breach Risks
Poor password management also poses a risk for security breaches. 91% of people understand the risk of reusing passwords yet 61% continue to reuse the same password. It’s no surprise when password policies are asking for 12-character length password with uppercase, lowercase letters, numbers and special symbols with no repeating characters. Then add on top of that requiring a user to change it every 3 months. Trying to remember a dozen different work logins and personal logins gets difficult and people often resort to reusing the same password with different variations like a new number or character at the end.
Employees are also putting their employers at risk as they continue to use personal devices for business purposes, with more than 1-in-3 not using passwords on those devices, compromising confidential information on them.
Replacing Passwords with Biometrics
Using a single biometric authentication system, including a fingerprint, face, voice, or eye recognition in performing high-security authentication as opposed to a typed password provides a better assurance of identity. As these physical attributes are unique to each person, it lowers the risk of hacking. Moving to a single biometric system, there will be no passwords to be forgotten.