In 2016, Verizon reported that 65% of confirmed data breaches involve weak, default or stolen passwords. Numerous users fall for phishing attacks, attempts to obtain sensitive information such as usernames, passwords, and credit card details disguised as credible requests. According to Verizon, 23% of people open phishing emails and half of them even open attachments.
In enterprise environments, the use of passwords spawns a routine of endless training and security awareness programs, detailed usage policies (administrative controls) and centralized systems enforcing password length, complexity, and expiry (technical controls).
All of these actions need significant amounts of financial and administrative support. Reports show that cyber crime is a growing industry that costs the global economy about $400 billion annually. Over 70% of organizations have increased their spending on cyber security in 2017, as opposed to just 58% the previous year.