By Clayton Donley, Vice President & General Manager, Identity Management Security, Broadcom Software\n\n(This article was originally published in Dark Reading by Clayton Donley.)\n\nAlthough analysts have predicted the death of passwords for many years, passwords are still the predominant authentication credential used for many applications and IT systems. The reason for this is simple \u2013 everyone knows how passwords work, which makes them more convenient to use. \n\nAs a result, 80% of all company data breaches and hacking incidents result from stolen or compromised passwords. It\u2019s not hard to see why. The average user has more than 90 online accounts \u2013 almost all requiring a password that more than half of those same users reuse. And with a record 1,862 data breaches in 2021 at an average cost of $4.24 million per breach, it\u2019s no wonder that more than 555 million passwords are available on the Dark Web.\n\nPasswords are proliferating across our digital world and getting stolen in record numbers every year. But it doesn\u2019t have to be this way. \n\nThe twin dilemma of security vs. convenience\n\nEnterprises can address this problem today. In fact, many are already enhancing existing passwords with a second factor \u2013 for example, sending an out-of-band code via SMS or email. The technology exists for even stronger login credentials, but these will often significantly impact the user experience, which hurts adoption with internal users (employees) or retention with external users (consumers).\n\nOrganizations are faced with a balancing act: how to improve their authentication process, so the login credentials provide the needed security while being easy to use, but at the same time, difficult for hackers to steal or compromise. Oh, and let\u2019s not forget that this enhanced authentication mechanism must be cost effective too! \n\nOver the years, many new types of login credentials have emerged that were effective in one or two areas but fell short in the others. But there is hope. A new approach is flipping this paradigm on its head. \n\nSize matters\n\nThe size and scope of the problem must also be taken into consideration. For large enterprises, these challenges are multiplied because the sheer number of applications running across their hybrid environments, from the cloud to the mainframe. You hear a lot about the cloud, but how often do you hear someone mention the mainframe? Did you know that mainframes handle 90% of all credit card transactions, or that mainframes handle 68% of the world\u2019s production IT workloads? For many of our strategic customers, the mainframe is more mission critical than anything running in the cloud.\n\nA truly effective identity security solution needs to cover all aspects of an organization\u2019s infrastructure. Everything from the mainframe to distributed servers, from virtualized to multi-cloud environments, managing access across business applications, privileged accounts, and everything in between. \n\nThe convergence of technology and standards\n\nThe missing link in efforts to improve this identity security challenge is a failure to recognize that replacing the password is not as easy as people think. But there are several trends that may help accelerate the death of the password once and for all.\n\nThe first is the smartphone. According to Ericsson, the number of smartphone users in the world today is approximately 6.6 billion, which translates to almost 84% of the world\u2019s population. These devices are not only ubiquitous but are also responsible for teaching users how to use their fingerprint to unlock their devices and take a selfie. Biometrics is not an abstract concept anymore \u2013 it is becoming familiar even to people who struggle to use a computer. \n\nThe second trend is one of standardization, specifically the growing support for FIDO or Open ID Connect. These new security standards help to facilitate the exchange of identity and authentication information between an identity provider and an application. These standards eliminate the need for passwords and replace them with passwordless techniques, such as biometrics (a single finger swipe on your phone). However, there are many mainframe and web applications that were never designed with support for these standards, and therefore cannot leverage passwordless authentication \u2013 that is, not without major redesign or a little help.\n\nFor newer or smaller enterprises, the modification of applications to be FIDO or OpenID Connect compatible may be relatively small, but for larger enterprises, this problem is significant as the bulk of their mission critical apps may need to be modified, and this is just not financially feasible. As a result, while newer applications are getting built with passwordless authentication mechanisms, they are only addressing a subset of enterprise applications, networks, and environments. A truly effective security system needs to cover all of an organization\u2019s digital assets. If not, bad guys will always find the weakest link.\n\nSomething old, something new, something borrowed, something blue red.\n\nThis saying has inspired many wedding traditions and is somewhat appropriate for this topic as the solution to enterprise identity security challenges is basically the same: weaving together your existing Identity and Access Management tools with new, cloud-native tools to build a modern identity fabric, borrowing niche or point products to fill in specific gaps or address unique use cases.\n\nOnly through a holistic platform can enterprises solve the biggest pain points in identity security by replacing the need for passwords with a single password-less sign-on procedure for everything in our digital world. And similar to many couples who are inspired by this famous wedding saying, enterprises are not looking for a vendor, but a lifelong partner (something Red). \n\n\n\n\n\nTo learn more about how Broadcom Software can help you modernize, optimize, and protect your enterprise, contact us here.\n\n\n\nClayton Donley, Vice President & General Manager, Identity Management Security, Broadcom Software:\n\nClayton Donley is Vice President and General Manager of the Identity Management Security Division at Broadcom (IMS). In this role, he is responsible for the company\u2019s identity and access software portfolio, which protects and manages access to some of the world\u2019s most mission-critical applications.