Password fatigue is the overwhelming feeling of stress and exhaustion resulting from the excessive number of passwords users are required to maintain for their various accounts. As the list of complex and diverse passwords increases, so does the confusion and inability to remember them.
Password fatigue, also referred to as password chaos, occurs more frequently nowadays since users are required to maintain good password hygiene. This includes not reusing passwords across accounts, and selecting difficult passwords containing a particular set of characters, numbers, symbols, and uppercase letters. Even then, users are sometimes required to change these complex passwords after set intervals to ensure the security of their accounts. There is only so much stress the human brain can take, so the inability to keep track of a large number of complex passwords is the cause of password burnout.
Ever since their introduction to computing in the 1960s, passwords have become the primary authentication method for online services. Unfortunately, with large-scale data breaches, social engineering, and the development of advanced hacking and fraud techniques, passwords are not as secure as they used to be. It does not matter whether a user keeps a strong password or a weak one; hackers have found their way around it. In addition, maintaining a string of complicated passwords and the process of registration, sign-in, sign-out, and password reset create considerable friction in the user’s experience. This results in companies losing clients.
Reports show that an average person has about 70 to 80 passwords to remember. Considering that each of these passwords is a unique and complicated string of letters, symbols and characters, this password overload can make users start to feel overwhelmed. Eventually, they resort to solutions that put them at risk, such as:
Eliminating passwords from the customer experience is the solution to password fatigue. It liberates users from keeping track of complex, confusing passwords. Additionally, this helps companies reduce user friction and drop-off.
Passwordless authentication is a loosely defined term and can be used to refer to any method of authentication that does not involve the use of a password. However, passwordless does not mean frictionless. Even though a passwordless authentication strategy is aimed at eliminating the friction created by passwords, the extent of user-friendliness and improved security depends on the specific replacement authentication method. There are many options for authentication that fall within passwordless authentication, including multi-factor authentication and zero-factor authentication.
Multi-Factor Authentication (MFA) requires a user to present two or more factors or pieces of evidence for authentication. It uses additional factors such as customized personal questions, security keys or biometrics to increase security. The MFA method is designed to balance user convenience with additional security.
Modern mobile devices carry sensors that provide signals that can be used to recognize trusted users and flag potential fraudsters. Zero-factor authentication (0FA) is a solution to password fatigue since 0FA requires no action by the user and works silently in the background using sensor data as a recognition signal for risk-based authentication.