SINGAPORE, July 10 – Okta, Inc. (NASDAQ: OKTA), a leading independent identity partner, has released its international Secure Sign-In Trends Report, revealing significant growth in the adoption of multi-factor authentication (MFA) since 2020. The report, based on analysis of billions of monthly workforce customer logins to Okta Workforce Identity Cloud across 16 industries worldwide, highlights the effectiveness of phishing-resistant authenticators in terms of security and user convenience.
According to Todd McKinnon, co-founder and CEO of Okta, “Okta is advancing our customers’ zero trust security strategies by helping them adopt innovations like phishing-resistant MFA and passwordless. By sharing data on our customers’ adoption of these critical technologies, we can drive greater progress with governments, our partners, and our customers.” Key findings from the report include:
90% of Okta administrators and 64% of users signed in using MFA in January 2023. Sign-in methods that offer the highest phishing resistance, such as Okta FastPass and FIDO2 WebAuthn, also provide the fastest and most reliable user experience. The technology industry leads the way towards a passwordless future, with 87% of account logins already using MFA. Other industries embracing MFA include Insurance (77%), Professional Services (75%), Construction (74%), and Media & Communications (72%).
Surprisingly, highly-regulated industries tend to lag behind. MFA adoption by Okta’s workforce customers increased from 35% to 50% within two months between February and March 2020. Organizations with fewer than 300 employees (79%) surpass enterprises with over 20,000 employees (54%) in MFA usage. MFA provides an additional layer of security beyond passwords, which are highly vulnerable to abuse. Over 80% of Business Web Application Attacks and nearly half of all business email compromise attacks are a result of stolen usernames and passwords.
MFA ensures greater certainty in verifying user identities before granting access to applications or online accounts. It involves users providing multiple types of information or factors to authenticate their access. However, the rise of sophisticated MFA bypass attacks has prompted organizations to consider phishing-resistant authentication flows. The report highlights that phishing-resistant authentication, such as Okta FastPass or FIDO2 WebAuthn, offers the ideal balance between security and user experience.
Contrary to the common assumption that technology decision-makers must sacrifice security for user convenience, Okta’s research reveals that signing in with passwordless, phishing-resistant authenticators not only saves time but also reduces the likelihood of failures compared to using passwords.
