Why is Microsoft delivering conflicting advice around passwords?Jason Tooley | June 10, 2019
Microsoft recently took the unusual step of simultaneously advising companies to adopt biometric authentication, whilst also making current passwords more complex. The tech giant argues that the effectiveness and protection of passwords do not diminish with time.
There is clear evidence to suggest direct correlation between increasing password complexity and higher costs through password management processes.
I believe Microsoft is correct in directing customers towards the adoption of biometrics for employee authentication, not just for Microsoft applications, but also for other services and applications whether Cloud, SaaS – virtualised or legacy. However, making passwords more complex ignores the major opex costs associated with managing passwords and associated 2FA solutions. The annual costs linked to this problem means that large companies incur millions of dollars of direct costs and lost productivity. The price of increased security shouldn’t be increased costs and reduced productivity.
Increasing the complexity of employee passwords will almost certainly result in higher costs and less productivity without necessarily having the desired effect of minimising the risk of compromised passwords. This will continue to be a drain on currently stretched IT budgets and resources.
Making employee enrollment a process that creates a digital identity and therefore allows for simplifying the authentication process will enhance the digital experience for your employees and will enhance productivity. At Veridium, we believe in the removal of passwords to deliver secure experiences to employees and consumers; this is done through a software platform for abstracted digital authentication based on an open biometric approach.