Check out all the on-demand sessions from the Intelligent Security Summit here.
Are passwords dead? With many vendors like Microsoft, Apple and Google moving toward passwordless authentication options alongside the FIDO Alliance and credential-based attacks on the rise, you’d be forgiven for thinking that passwords are on the way out, but login credentials aren’t done just yet.
Just today, open-source password manager Bitwarden announced that it has received a $100 million investment from PSG, a growth equity firm, with participation from Battery Ventures, highlighting that password management still has an integral role to play in enterprise and consumer security for the foreseeable future.
For enterprises, the investment highlights that while passwordless authentication options are growing in number, enhanced password management could still provide an effective answer to the onslaught of credential theft and phishing emails.
The state of passwords in 2022
The announcement comes as more and more users struggle to manage their online passwords, with research showing that 39% of Americans report experiencing a high level of password fatigue.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
This is unsurprising when considering the high volume of accounts that users juggle. In fact, NordPass estimates that each person needs to manage 80-100 passwords, making it mentally exhausting to create strong and unique passwords for each online account.
As a result, many users resort to reusing credentials and selecting weaker passwords to make it easier to log in to their online accounts. This inevitably makes it easier for cybercriminals to conduct account takeover attempts in an extremely punishing threat landscape.
Research reveals that 81% of companies within the FTSE 100 had at least one credential compromised and exposed on the dark web, with a total of 31,135 stolen and leaked credentials detected for these companies.
Password management vs. credential theft
While some providers are responding to this threat landscape by looking at eliminating login credentials altogether, organizations like Bitwarden remain determined that better password management holds the answer to protecting users from these types of threats.
“Password management has become a required part of every company’s security stack,” said Michael Crandell, CEO at Bitwarden. “Bitwarden helps companies and individuals stay protected with strong and unique passwords for all their online accounts. This helps businesses avoid breaches and ransomware, and helps individuals avoid identity theft.”
In practice, Bitwarden provides users with a virtual space to store their passwords, alongside features like credential autofill, automatic password generation and password strength scoring, to help manage the security of their passwords more effectively at scale to reduce fatigue.
A look at the password management market
Bitwarden is one of the biggest providers in the password management global market, which researchers expect will reach a value of $2.9 billion by 2027, as more users and organizations attempt to manage passwords more proactively.
The organization is competing against some established competitors in the space, including LastPass, which offers a password management tool that you can log in to password-free via the LastPass Authenticator, and use a built-in generator to create strong passwords.
LastPass was spun out by Elliott Management’s private equity firm and Francesco Partners last year for $4.3 billion. The company was recently in the news regarding a security breach of its source code.
Another key competitor is 1Password, a provider offering one-click login to sites, password-generation capabilities, and an insights dashboard where users can monitor password health. Earlier this year, 1Password closed a $620 million series C funding round and achieved a valuation of $6.8 billion.
The key differentiation between Bitwarden and other competitors is not only is it open source, but it offers a free password manager for unlimited logins and devices that can be deployed in the cloud or via a self-hosted setup to ensure that organizations can meet external compliance requirements.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.