Which authentication tools are users most comfortable with?

Authentication is the first line of defense in any organization’s cybersecurity strategy, but not all authentication tools offer the same level of security, convenience, or scalability. From traditional passwords to advanced biometric and adaptive authentication, businesses must carefully choose the right mix of methods to balance security with user experience. As cyber threats evolve, relying on a single form of authentication is no longer enough—organizations need layered approaches that reduce the risk of credential theft and unauthorized access.

The various authentication methods available today include knowledge-based (passwords, PINs), possession-based (security keys, one-time passcodes), and inherence-based (biometric) approaches. With that in mind, security experts at Specops Software were curious to see the public’s opinion on new authentication methods by surveying 3,740 British people about how comfortable they feel using biometric authentication methods, and how many would prefer using traditional passwords to unlock their devices.

What % of people are comfortable with these authentication tools?

Our research can reveal that individuals prefer traditional authentication methods over biometric authentications, with more than three quarters of Brits (78%) saying they feel most comfortable using just the traditional password. The token authentication method (where a small hardware device is used to authorize access to a network service) comes next with 7 in 10 (72%) saying they feel safest using it.

We can’t say the same about some of the most technologically advanced security measures, such as iris recognition and retina scans, as only 11% of people said they would feel comfortable using these authentication methods. While fingerprint recognition is growing in popularity and many phone companies implementing this feature into their new smartphone devices, less than half (42%) of respondents said they feel truly comfortable using it.

How can I prevent an authentication tool being hacked?

One of the main reasons for people being afraid of using certain authentication methods is a concern of their biometric data being hacked. With that in mind, here are Specops Software’s top tips on how to prevent authentication hacking attacks and how to keep your private information safe.

1. Stay away from public Wi-Fi networks when logging into important accounts – Whilst using public Wi-Fi, you are more susceptible to Man-in-the-Middle attacks. Hackers can easily position themselves between your device and the connection/service, putting your accounts at risk.  
2. Implement multi-factor authentication when possible – This will offer you extra security and make it much harder for hackers to crack both of your authentication methods. Possible combinations include: password and one-time-code, password and text message, password and fingerprint.
3. Choose your password wisely – While you might be tired of hearing it, having a strong password is one of the most important steps in keeping your information safe. There are many types of password attacks, from brute-force attacks to dictionary attack, so we advise being more creative and staying away from “Password1234”. 
4. Keep your device up-to-date – If you want to keep your information safe, keeping your device updated is an important step, especially if you are using biometric authentication methods like fingerprints or face recognition. These updates will offer you critical protection against hackers who will take advantage of older systems without security patches.

Don’t neglect the humble password

Passwords are often the fallback method for more advanced authentication tools. With Specops Password Policy and Breached Password Protection, organizations can continuously protect themselves against over 4 billion more known unique compromised passwords. These include compromised passwords that could be considered ‘strong’ and have been stolen by malware.  

Our research team’s attack monitoring data collection systems update the service daily and ensure networks are protected from real world password attacks happening right now. The Breached Password Protection continuously scans your Active Directory for breached passwords and allows you to alert end users with customizable messaging that helps reduce calls to the service desk. 

Interested in seeing how this might work for your organization? Have questions on how you could adapt this for your needs? Contact us or see how it works with a demo or free trial.