Hi [[ session.user.profile.firstName ]]

2019 State of Password and Authentication Security Behaviors

Despite the worsening state of online security, are we becoming more security-minded, and better yet, are we following best practices?

The Ponemon Institute recently surveyed 1,761 IT and IT security practitioners in the United States, United Kingdom, Germany and France regarding password management and authentication practices for individuals both in the workplace and at home.

What percentage of phishing attack victims changed their password behaviors?
How many respondents admit to reusing passwords?

The answers to these questions may surprise you.

Attend this webinar to hear about the survey results and learn:

* How privacy and security concerns affect password behaviors
* Risky password practices in the workplace
* What authentication technologies are being used
* The cost of lost productivity associated with password management
* Best practices for enterprise authentication
Recorded Feb 20 2019 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dr. Larry Ponemon, Ph.D., Chairman and Founder, Ponemon Institute and Abby Guha, Sr. Director Product Marketing, Yubico
Presentation preview: 2019 State of Password and Authentication Security Behaviors

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Modern CAC/PIV alternatives: Securing government teleworkers & mobile devices Apr 16 2020 4:00 pm UTC 60 mins
    Danelle Barrett, Principal, Deep Water Point (Fmr Rear Admiral, Dir Navy Cyber Security and Deputy CIO
    Recent global events are driving up numbers of teleworkers/remote workers along with an increased use of personal devices and mobiles phones for access to government systems. This introduces new challenges for government agencies. Unsecured WiFi networks, unmanaged personal mobile devices, and phishing scams make it easy to steal user credentials and difficult to securely manage geographically dispersed teams. CAC and PIV cards are cumbersome to implement for every teleworker and for use with mobile and personal devices. SMS and OTP device-based software authenticators aren’t secure alternatives, and in the case of BYOD/BYOAD, put the government on point to reimburse employees and contractors for mobile costs. Government agencies need to provide enhanced authentication that is secure, doesn’t create high recurring expenses and can enable personnel to securely work in any location, on any device, and across any network.

    Attend this webinar to learn how federal and other government agencies should handle authentication in a telecommuting and mobile-first world:
    - How recent events are necessitating the need for alternative authentication for teleworkers
    - How legacy authentication solutions are ineffective and costly
    - How to deploy highest assurance authentication for teleworkers, mobile derived PIV and BYOD/BYOAD use cases
    - How to ensure highest assurance multi-factor authentication (MFA) for teleworkers that are non PIV/non CAC eligible

    Speakers:
    - Danelle Barrett, Principal, Deep Water Point (Former Rear Admiral, Director Navy Cyber Security and Deputy Chief Information Officer)
    - Jeff Philips, Vice President Government, Yubico
    - Derek Hanson, Vice President Solutions Architecture and Alliances, Yubico
  • Securely Working From Home: Strong Authentication for VPN and Desktop Apr 14 2020 4:00 pm UTC 60 mins
    Nic Sarginson, Solutions-Yubico EMEA and Chris Streeks, Solutions-Yubico
    With the global health emergency we’re all facing, remote access is the ultimate lifeline for businesses. But as remote working grows, phishing attacks and account takeovers are also on the rise. Hardware-based authentication is critical to protecting against these threats. As workers around the globe access corporate systems, it is imperative that they be given modern solutions to secure access to important information without slowing them down.

    Organizations can modernize their security VPN applications and physical and virtual desktops to enable productivity. The gold standard for security in the form of multi-function hardware security keys can greatly increase security for the enterprise while making the end user experience simple and easy. And let's not forget the massive cost benefits of drastically reducing password and account reset-related calls to the help desk. Attend this webinar to learn more.
  • Go Passwordless for Firstline Workers with Yubico+Microsoft Azure AD Recorded: Mar 31 2020 55 mins
    Melanie Maynes Sr. Product Marketing Manager Microsoft; Andrew Vitollo Sr. Solutions Engineer Yubico
    Firstline workers represent about 2 billion people globally in healthcare, finance, manufacturing, and hospitality to name a few. Making sure they have secure access to data to perform their jobs is critical. But for organizations, the structure isn’t as simple. Meeting compliance mandates while ensuring a frictionless user experience is challenging.

    During this webinar Yubico and Microsoft will share plans on how to:create a passwordless future that is:
    - Cost effective
    - Meets compliance regulations
    - Easy to implement and use
  • 5 Ways to Protect Remote Workers From Account Takeover Recorded: Mar 26 2020 47 mins
    Jerrod Chong, Chief Solutions Officer - Yubico
    In today’s enterprise journey to digital transformation, remote work is on the rise. Advancements in technology make it possible for employees to work from anywhere, but also introduce a new set of challenges for IT departments. Unsecured WiFi networks, unmanaged personal mobile devices, and phishing scams make it easy to steal user credentials and difficult to securely manage geographically dispersed teams.

    While the concept of remote work is not new, it is becoming more prevalent for modern businesses. Recent global events are driving these numbers even higher, making it imperative for organizations to set processes and systems in place that not only secure remote workers, but do so without hindering productivity. We are already seeing hackers taking advantage of the current state of business uncertainty with targeted phishing attacks. Companies need to rapidly increase security planning for workers outside of organizations. But where to begin?

    Join this webinar to learn five critical ways companies can protect their remote workforce from common vulnerabilities such as credential theft, account takeovers, and phishing attacks. In this webinar we will discuss best practices for protecting applications and systems such as:

    - Identity and access management (IAM) platforms
    - Remote VPN access
    - Computer logins
    - Password managers
    - Authenticator applications
  • 2020 Password & Authentication Security on the Path to Digital Transformation Recorded: Mar 18 2020 62 mins
    Dr. Larry Ponemon, Chairman & Founder, Ponemon Institute; Abby Guha, Sr, Director Enterprise Product Marketing, Yubico
    The Ponemon Institute recently surveyed 2,507 IT and IT security practitioners in the United States, United Kingdom, Germany, France, Sweden, and Australia regarding password and authentication behaviors. Additionally, 563 individual users were surveyed to understand the differences in security behaviors between IT security practitioners and individuals. The findings were enlightening in answering questions like:

    What information are businesses and individuals most concerned with protecting? How many respondents admit to reusing passwords for workplace accounts? And how does the state of passwords and authentication impact a company’s ability to progress toward Digital Transformation?

    Register for this webinar to:
    - See how IT security and individual users respond to security threats
    - Understand security behaviors and practices in the workplace
    - Gauge the popularity of passwordless authentication
    - Clarify how businesses can protect customer accounts with strong two-factor authentication
    - Discover the increased risk to businesses with personal mobile devices being brought into the workplace
  • Conveniently Protecting Cryptocurrency Assets Recorded: Mar 12 2020 45 mins
    * Lance Vick, Lead Security Engineer, BitGo, Guido Appenzeller, Chief Product Officer, Yubico
    One of the primary impediments standing between cryptocurrency and mass adoption has been the process for securing the digital assets. Earlier methods created challenging user experiences at either the user or exchange level when trying to ensure protection. Luckily, strong authentication no longer has to be burdensome. This webinar explores how a progressive cryptocurrency exchange adopted and endorsed a secure authentication method that protects its customers' in a way that is as easy to use as it is strong.

    Attend this webinar to:

    * Learn about current perceptions surrounding cryptocurrecy account and exchange security
    * Hear practical advice for better security from BitGo's Lead Security Engineer
    * Explore how a physical, multi-protocol key has become a vital ingredient for wider cryptocurrency adoption and use
  • Dark Reading: Preventing Credential Theft and Account Takeovers Recorded: Mar 10 2020 62 mins
    Andrew Shikiar - CMO, FIDO Alliance & Hormazd Romer - VP Product Marketing, Yubico
    As companies move down a path of Digital Transformation, protecting against end user based threats has become more important than ever. Breaches that expose passwords and grant cyber attackers access to privileged user accounts are now so common that users greet the news with more shrugs than shock, and security experts advise to "assume user credentials have been exposed." Yet, these attacks can be as catastrophic as they are commonplace. Stolen credentials and account takeovers are the footholds cybercriminals use to launch all manner of attacks -- from financial fraud and virtual currency theft, to data breaches and cyber espionage. Watch this webinar to learn how these bread-and-butter cyberattacks work and how to bolster your defenses against them.
  • CCW Online Roundtable: Untapped Contact Center Technology Opportunities Recorded: Mar 3 2020 68 mins
    Guido Appenzeller, Chief Product Officer, Yubico
    Today's Contact Center is all about creating positive and meaningful engagements with every interaction. Data fuels these interactions, but how can the right technologies ensure better insights and higher levels of security?

    This webinar is a replay of a Customer Contact Week Executive Roundtable recorded on March 3, 2020 discussing latest innovations in contact center technology. Yubico's Chief Product Officer - Guido Appenzeller - was a featured guest and discusses why strong authentication is vital to protecting systems and data in call centers where shared workstations are the norm.
  • Improving Security and Productivity with Hardware Authenticators as a Service Recorded: Feb 20 2020 46 mins
    Suresh Thiru - Vice President, Product Management; Percy Wadia - Sr. Director, Product Management
    Organizations are looking for better and more efficient ways to improve security while making it easier for users to adopt best practices and enhance productivity. Hardware based security keys provide the best security, however purchasing and provisioning them to users on a global scale can be challenging for some organizations.

    Join Suresh Thiru, VP Product Marketing and Percy Wadia, Sr. Director Product Management at Yubico as they explain how organizations can now eliminate the logistical, budgetary, and/or planning challenges associated with achieving company-wide security with strong authentication.

    Moving from CAPEX to OPEX makes predictable spending possible, introduces more flexibility and paves the way to easily replace keys or even upgrade to the latest keys. And, with the option of Yubico handling all logistics end-to-end for keys distribution, getting users up and running on industry-leading authentication has never been easier.

    Attend this webinar to:
    - Learn how hardware authenticators sold as a service create convenience, predictability, and expanded security
    - Discover how shifting hardware key purchases from CapEx to OpEx makes smart business sense and provides increased flexibility
    - Explore how YuboEnterprise services can remove the burden of managing and distributing YubiKeys to all your users
  • Empower the Workplace using Modern Authentication Recorded: Jan 23 2020 44 mins
    Jeff Broberg, Senior Director of Product Management, OneLogin / Karen Larson, Integrations Program Manager, Yubico
    Passwords typically lead the entryway for accessing a company’s assets. However, with the increase in data breaches due to weak passwords, organizations are looking for better alternatives when it comes to authentication.

    Learn how WebAuthn helps organizations move away from passwords and towards a reduced password environment. Now organizations have the flexibility and options to leverage biometrics authentication for seamless user experience, without compromising security.

    View this webinar to learn:

    -How modern biometrics authentication impacts today’s workforce
    -Use cases of WebAuthn/FIDO2
    -Best practices to employ WebAuthn/FIDO2 authentication to enable secure access to your organization’s assets
  • Leverage Microsoft Azure AD and YubiKeys for MFA in the Enterprise Recorded: Dec 17 2019 53 mins
    Derek Hanson, VP Solution Architecture, Yubico / Libby Brown, Sr. Program Manager, Cloud Authentication, Microsoft
    For many enterprise organizations, one of the challenging components to going passwordless is an environment that includes on-premise and cloud applications. Innovations from both Microsoft and Yubico support the flow of secure authentication using different identity and access management methods. During this webinar, we will go deeper into use cases involving the passwordless setup for mixed environments utilizing YubiKeys

    Attend this technical webinar to learn about:

    * Azure AD architecture for passwordless
    * The journey towards passwordless for enterprise organizations
    * Enabling YubiKeys for passwordless authentication
  • Go Passwordless with Yubico and Microsoft: WebAuthn, FIDO2 and Azure AD Recorded: Dec 12 2019 52 mins
    Hormazd Romer, VP Product Marketing, Yubico and Jon Wojan,Partner Technical Architect, Microsoft
    Secure passwordless authentication is coming to a computer near you! WebAuthn, a new standard published by the W3C, along with the FIDO2 spec now make this promise a reality. Microsoft’s upcoming support for Windows 10 passwordless login via Azure Active Directory means soon hundreds of millions of users will be able to experience the convenience of passwordless login at a higher level of security than the traditional combination of password and multi-factor authentication (MFA).

    Experts from Yubico and Microsoft will provide an overview of the journey to passwordless, its key benefits, and why it is more secure than typical MFA.

    Attend this webinar to learn:

    * The roadmap to passwordless
    * Use cases and advantages of the WebAuthn and FIDO2 standards
    * How passwordless will work with Windows 10 and Azure AD
    * How to get started with passwordless authentication
  • Top 5 Best Practices for Strong Authentication in Call Centers Recorded: Nov 7 2019 30 mins
    Abby Guha, Senior Director Product Marketing, Yubico
    The call center plays a pivotal role in the success of an organization and its brand perception. Call center agents not only solve customer problems on a daily basis, but they help build customer relationships.

    In order to do their jobs, agents frequently access sensitive and protected data. The importance of high security operations in a call center cannot be overstated--customer and financial data needs to be protected and accessed securely at all times.

    View this webinar to learn:

    * The current challenges faced by call centers
    * The top 5 best practices for strong authentication
    * The optimal approach to maximize productivity, mitigate threats, and meet compliance requirements
  • Tips, Tricks & Predictions to Help Navigate Today’s Cyber Security Challenges Recorded: Nov 6 2019 64 mins
    Corey Williams, Idaptive / Alex Yakubov, Yubico / Benjamin Rice, Bitglass / David Szabo, Palo Alto Networks
    Hear executives from Idaptive and leading security firms Yubico, Bitglass and Palo Alto Networks engage in a lively roundtable discussion inspired by National Cyber Security Awareness Month (NCSAM) and the goal of providing cyber security education and guidance to enterprises and individuals alike.

    Each of the distinguished panelists shares security tips, tricks and recommendations that organizations can put to use to improve or enhance the security of their business. They’ll also provide tips that individual consumers can put to use as they navigate today’s complex digital world.

    Panelists also share predictions about the security challenges that may lie ahead in 2020, and what organizations, in particular, can do to anticipate and mitigate these challenges.

    This unique panel is comprised of executives from the leading organizations in Identity-as-a-Service (IDaaS), hardware authentication security keys, Next-Gen CASB, and technology and infrastructure for cloud, network and mobile device protection.

    KEY TAKE-AWAYS:

    * Helpful insights and ideas for improving your organization’s security posture
    * Perspectives representing a variety of security disciplines
    * A look ahead to 2020 that will help with cyber security planning and investment prioritization

    Moderator: Corey Williams, VP Strategy & Marketing, Idaptive

    Panelists: Alex Yakubov, VP Partner Marketing, Yubico / Benjamin Rice, VP Business Development, Bitglass / David Szabo, Director of Product Marketing, Cortex Data Lake Palo Alto Networks
  • Empower the Workplace using Modern Authentication Recorded: Oct 29 2019 45 mins
    Jeff Broberg, Senior Director of Product Management, OneLogin / Karen Larson, Integrations Program Manager, Yubico
    Passwords typically lead the entryway for accessing a company’s assets. However, with the increase in data breaches due to weak passwords, organizations are looking for better alternatives when it comes to authentication.

    Learn how WebAuthn helps organizations move away from passwords and towards a reduced password environment. Now organizations have the flexibility and options to leverage biometrics authentication for seamless user experience, without compromising security.

    View this webinar to learn:

    -How modern biometrics authentication impacts today’s workforce
    -Use cases of WebAuthn/FIDO2
    -Best practices to employ WebAuthn/FIDO2 authentication to enable secure access to your organization’s assets
  • SIM Swap and Mobile Authentication Challenges: Protect Against Account Takeovers Recorded: Oct 22 2019 52 mins
    Hormazd Romer, VP of Product Marketing, Yubico
    Account takeovers from SIM swap attacks that target taking over a mobile phone number are on the rise.

    Although multi-factor authentication (MFA) is recommended to provide strong authentication, not all MFA solutions are created equal. SMS and mobile-based authentication methods have been very common, but as recent news headlines have shown, are not very secure.

    Information security professionals should realize they can no longer rely on phone numbers as a secure method of strong authentication. In fact, NIST has deprecated the use of SMS authentication in their guidelines. Similarly other mobile based authentication methods can also be susceptible to phishing and man-in-the-middle (MITM) attacks.

    Attend this webinar to learn:

    * The challenges with current phone-based authentication methods
    * The pros and cons of each authentication method
    * How FIDO2 and WebAuthn, the new authentication standards, enable strong, user-friendly authentication
    * Best practices for enterprise authentication
  • New Strategies to Protect Healthcare Employees from Breaches, Scams & User Error Recorded: Sep 20 2019 56 mins
    Andy Nieto, Global Healthcare Solutions Manager, Lenovo / Allison Heeter, NA Brand Ambassador, Lenovo / Abby Guha, Sr. Direct
    In a recent Lenovo Health webinar, fifty percent of the participants confirmed that employee neglect represents their biggest security threat--and with good reason. It has been found that healthcare employees click on 1 out of every 7 phishing email scams, and nearly a quarter of healthcare employees write their user names and passwords near their computers.

    Fortunately, a multitude of security tools are available now to simplify security and protect employees from costly missteps. In this session, a panel of security experts will share their insights on the most effective employee security strategies, including:

    * How to identify your organization's greatest risks
    * The latest hardware and software solutions for data and identity protection
    * Best practices for ongoing employee education
  • Enabling Passwordless Authentication with a Secure Root of Trust Recorded: Sep 19 2019 43 mins
    Abby Guha, Senior Director Product Marketing, Yubico
    Even though many organizations have implemented multi-factor authentication (MFA) through mobile push, or One Time Passwords (OTP) via SMS and mobile apps, these authentication techniques have been shown to be very vulnerable to account takeovers.

    As most users have multiple devices they use on a day-to-day basis to log into websites, services and applications, how do you enable fast, easy, and secure authentication to every device? New standards such as FIDO2 and WebAuthn now make this possible, and easy to implement.

    Attend this session to learn:

    * What is a root of trust
    * Why a secure root of trust is important
    * How a WebAuthn powered root of trust works
    * The key benefits of passwordless login for your employees, partners, and customers
    * Portable root of trust use cases
  • Paving the Way to a Passwordless Future Recorded: Aug 21 2019 64 mins
    Abby Guha, Senior Director, Product Marketing, Yubico; Jim Manico, Founder, Manicode Security
    It is increasingly apparent that authenticating only with username and password is no longer sufficient as stolen passwords are responsible for 81% of data breaches. And even though many organizations have implemented multi-factor authentication (MFA) through mobile push, or One Time Passwords (OTP) via SMS and mobile apps, these authentication techniques have been shown to be vulnerable to account takeovers.

    Attend this webinar to learn:

    * How WebAuthn, the new web authentication standard, is paving the way for a highly secure passwordless future
    * The key benefits of passwordless login for your employees, partners, and customers
    * Best practices for enterprise authentication
  • Improving Enterprise Authentication: Taming the Password Beast Recorded: Jul 26 2019 62 mins
    John Pironti, President, IP Architects / Jerrod Chong, Chief Solutions Officer, Yubico
    Many enterprises have implemented some basic methods for managing user authentication to sensitive data, and some have even mastered the “single sign-on” problem for data access. But today’s IT environment increasingly involves a wide range of user devices and locations, including mobile equipment, cloud services, and even Internet of Things devices. In this Dark Reading webinar, top experts will discuss emerging methods for solving the authentication problem, and for building authentication strategies that go beyond the enterprise premises.

    Attend this webinar and you'll learn:

    * what essential questions you must ask yourself and your service providers, before designing an authentication strategy for your business

    * why the FIDO2 / WebAuthn standard shifts authentication paradigms and might support your identity and access management strategy

    * how to support better security and lower friction for both internal and external users

    * what to consider now if you want your authentication strategy to stand the test of time (and whether passwords should be part of the long-term plan)
Your Key to a Safer Internet
Yubico was founded in 2007 with the mission to make secure login easy and available for everyone. In close collaboration with leading internet companies and thought leaders, Yubico co-created the FIDO U2F and FIDO2/WebAuthn open authentication standards, which have been adopted in major online platforms and browsers, enabling two-factor, multi-factor, and passwordless login and a safer internet for billions of people.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 2019 State of Password and Authentication Security Behaviors
  • Live at: Feb 20 2019 7:00 pm
  • Presented by: Dr. Larry Ponemon, Ph.D., Chairman and Founder, Ponemon Institute and Abby Guha, Sr. Director Product Marketing, Yubico
  • From:
Your email has been sent.
or close