Passwords, the dominant form of securing enterprise assets, are a failure, a research firm said Thursday.According to the Meta Group, passwords aren't cutting the mustard because of both organizational and user failings, . . .
Passwords, the dominant form of securing enterprise assets, are a failure, a research firm said Thursday.

According to the Meta Group, passwords aren't cutting the mustard because of both organizational and user failings, as well as a lack of cost-effective alternatives.

"Enterprises are pretty frustrated with passwords," said Earl Perkins, vice president with the firm's security and risk strategies group. "They're asking, 'After three or four decades, isn't there something else besides passwords?'"

On the organizational level, Perkins said that passwords' failings range from enterprises wasting time creating convoluted policies to spending too little time protecting crucial applications. On the end-user front, meanwhile, passwords are ineffective when people have too many to maintain.

But the issue with password protection isn't just numbers, said Perkins. "From a cultural standpoint, many individuals don't believe the value of the password reflects the value of the assets it protects. Time and again, the password is not afforded deserved protection. This renders passwords ineffective regardless of synchronization, best practices, or management efforts."

The solution that enterprises are looking for is a low-cost way to add strong authentication to identity management. "The trend is toward the idea of some sort of supplement or alternative to passwords," he said.

The link for this article located at Gregg Keizer, TechWeb News is no longer available.