Oracle CTO Larry Ellison is done with passwords.
“Let me announce right here, we're done with passwords,” Ellison said on a recent earnings call. “The idea is utterly ridiculous. They're easily hacked. The more difficult they are to remember, the more likely you are to write them down, the more likely they are to be stolen. Everything done to make passwords better has made them worse.”
“I don't want to remember passwords,” Ellison continued. “Don't ask me to type in some stupid 17 letter password that someone can steal.”
Ellison is not alone in his hatred of passwords. Nearly 9 in 10 consumers complain about keeping track of their passwords, according to a Ping Identity survey of 8,000 consumers across the world released Wednesday. Three-quarters of consumers want to change how they login to apps and websites.
The login process is full of friction — and passwords are the largest pain point. The experience can lose customer trust, and customers themselves.
“Consumers struggle to remember and keep safe the broad number of passwords needed to navigate the digital world,” Darryl Jones, VP of consumer strategy at Ping Identity, said in an email to CX Dive. “They get frustrated when they cannot log in with ease and have to spend precious time resetting new or remembering old passwords.”
Asked about how digital experiences could be improved, consumers listed login processes, notifications and password recovery as the top three areas.
When consumers can’t remember their passwords and can’t recover them easily, some simply give up. Over half of consumers admitted that they have stopped using an account because of login frustration, the survey found.
This friction puts business at stake.
“In retail this directly translates to lost revenue, empty carts and fewer conversions,” Jones said.
Balancing data security and ease of use
Nearly 4 in 5 consumers say security is the most important aspect impacting their overall experience with a brand, closely followed by ease of use.
The problem for business is how to balance simplifying the login experience with security.
Data security is paramount to maintaining trust. A 2023 Vercara survey found that two-thirds of consumers say trust would be lost following a cybersecurity incident, and three-quarters would be willing to cut ties with a brand.
To Shiva Nathan, founder and CEO of Onymos, passwords getting hacked is the most consequential issue facing the login experience — more than the nuisance posed to customers of having to remember them.
“The bigger problem is that you get a notice every once in a while that says, ‘Hey, your password was hacked and you have to go back and change the password,’” Nathan said.
When large-scale password breaches happen, blame falls on the provider, whether or not the incident was the result of security shortcomings or a particularly sophisticated threat actor,Shiva said. The end result is the same: Legitimate customers have trouble getting into their own accounts.
With nearly all consumers — 97% — concerned about online data privacy, companies need to take steps to maintain their trust.
But consumers differ on their preferences for security measures. Half of consumers say they feel more secure if they are prompted for multifactor authentication, 45% are comfortable with biometrics, and 41% want text/email prompts with one-time logins.
A passwordless future?
For Ellison, Oracle's future is passwordless. “We're getting rid of passwords entirely,” he said on the earnings call. Though Oracle is a business catering to businesses, it is a sentiment that can make headway with consumers, too.
“This is the way log on is going to work. I'm going to type in [email protected], the computer is going to look at me and say, ‘OK, hi Larry. We're done.’ Why would I type it in? Safra [Catz] can recognize me. My kids can recognize me. You're telling me the computer can't recognize me and log me in? This is ridiculous.”
The solution, he said, is biometric authentication — that is, face ID, fingerprints and the like.
Oracle is far from alone in shifting to passwordless solutions.
“Most of the leading identity providers out there, they don't want you to remember your password anymore. They authenticate you using your bio authentication,” Nathan said.
Even the federal government is using biometric authentication in passport control, scanning travelers faces when they come into the country to authenticate their identities.
As consumers experience easy login and authentication experiences, it raises the bar for good experiences.
“Consumers are becoming more aware of easier login experiences — like biometrics without passwords — and they expect that everywhere so they don't have to deal with this hassle,” Jones said. “Passwordless options not only provide both a better, easier user experience, but they are also more secure.”
