惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
LINUX DO - 最新话题
G
Google Developers Blog
J
Java Code Geeks
The GitHub Blog
The GitHub Blog
F
Full Disclosure
H
Help Net Security
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Vercel News
Vercel News
酷 壳 – CoolShell
酷 壳 – CoolShell
Recent Announcements
Recent Announcements
Help Net Security
Help Net Security
The Hacker News
The Hacker News
IT之家
IT之家
Y
Y Combinator Blog
Martin Fowler
Martin Fowler
L
Lohrmann on Cybersecurity
C
CERT Recently Published Vulnerability Notes
V
Visual Studio Blog
博客园 - 聂微东
Hacker News: Ask HN
Hacker News: Ask HN
H
Hacker News: Front Page
Know Your Adversary
Know Your Adversary
Security Latest
Security Latest
Security Archives - TechRepublic
Security Archives - TechRepublic
Simon Willison's Weblog
Simon Willison's Weblog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
T
Troy Hunt's Blog
Last Week in AI
Last Week in AI
Schneier on Security
Schneier on Security
N
News and Events Feed by Topic
博客园 - 【当耐特】
有赞技术团队
有赞技术团队
AWS News Blog
AWS News Blog
Blog — PlanetScale
Blog — PlanetScale
博客园_首页
Google DeepMind News
Google DeepMind News
Cloudbric
Cloudbric
N
News | PayPal Newsroom
A
About on SuperTechFans
S
Schneier on Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Hugging Face - Blog
Hugging Face - Blog
M
MIT News - Artificial intelligence
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
雷峰网
雷峰网
T
The Exploit Database - CXSecurity.com
罗磊的独立博客
K
Kaspersky official blog
The Cloudflare Blog
I
Intezer

Blog on 1Password Blog

Why secure-by-design is an incentives problem, with Bob Lord | 1Password NIST and AI agents: 1Password’s approach to agent identity | 1Password Go beyond device health with External Checks in 1Password Device Trust | 1Password Natoma and 1Password help enterprises scale AI securely with governed agent access | 1Password New integrations between 1Password SaaS Manager and EPM | 1Password A first step toward post-quantum security | 1Password RSA 2026: Leading the way to secure agentic AI | 1Password How 1Password is Building a Culture of AI Fluency Through AI Champions | 1Password 1Password vs. Keeper Security: A comparison | 1Password 1Password vs. LastPass: Which is right for you? | 1Password Secure MCP credentials with 1Password and Runlayer | 1Password The next layer of AI security | 1Password Building the next chapter of Go-to-Market in EMEA | 1Password Automating SOC workflows with 1Password Enterprise Password Manager | 1Password Automated Provisioning hosted by 1Password: A Simpler, Smarter Way to Manage Access | 1Password Introducing 1Password® Unified Access: Identity Security for Humans and Their AI Agents | 1Password Next-generation automated provisioning, without compromising zero-knowledge security | 1Password Bitwarden vs. 1Password: Which password manager is right for you? | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password How to wrangle SaaS contract renewals | 1Password Stop trusting consumer browsers with work credentials | 1Password IAM stops at sign-in. Your credentials do not. | 1Password Your digital pit crew: a 10-minute pre-race security checklist | 1Password 1Password Device Trust is coming to EMEA | 1Password The identity transformation: Analyst and CIO insights | 1Password Why now is the moment to join 1Password Go-To-Market | 1Password Identity and Accountability in the Age of AI Agents | 1Password How 1Password secures agent architectures | 1Password 1Password becomes the first global partner to transact through Express Private Offers in AWS Marketplace | 1Password Start Learning on 1Password Academy | 1Password Expanding Programmatic Access to 1Password | 1Password Zero knowledge vs. a malicious server: A look at ETH Zurich’s research | 1Password Agents are making filesystems cool again | 1Password Black History Month employee spotlight: Joseph Ojelade | 1Password 1Password's new benchmark teaches AI agents how not to get scammed | 1Password Streamlining SaaS onboarding and offboarding | 1Password 3 common SaaS Management challenges and how to avoid them | 1Password How 1Password Is Evolving Its Partner Ecosystem | 1Password How to build secure agent swarms that power production-grade autonomous systems | 1Password From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password Solving the unsanctioned SaaS problem | 1Password 1Password and 60 Day Hustle: cybersecurity for small businesses | 1Password Security advisory for AI-assisted browsing interactions with the 1Password browser extension | 1Password It’s incredible. It’s terrifying. It’s OpenClaw. | 1Password Managing the risks of social logins | 1Password What’s the first security tool your small business should buy? | 1Password As AI Supercharges Phishing Scams, 1Password Introduces Built-In Protection | 1Password How to interview with confidence at 1Password | 1Password Five tips for successful SaaS Management | 1Password SaaS Manager | 1Password Why SaaS License Waste Is a Cost and Security Problem | 1Password AI is changing the IDE. With 1Password, security keeps up | 1Password How IT teams can get a handle on shadow IT | 1Password Bringing secure, just-in-time secrets to Cursor with 1Password | 1Password The Chasing Entropy Podcast Season One is in the Books | 1Password Now available via QBS Software: 1Password Enterprise Password Manager – MSP Edition | 1Password The role of credentials in the AI espionage campaign reported by Anthropic | 1Password The hidden offboarding step draining your budget | 1Password AWS and 1Password: Innovation in AI and beyond | 1Password Simplifying credential security on OpenAI Atlas | 1Password From Social Work to Social Impact: Growing at 1Password | 1Password Improving in-page notifications in the 1Password browser extension | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password Now available via Renaissance: 1Password Enterprise Password Manager – MSP Edition | 1Password Behind the wheel at Oracle Red Bull Racing | 1Password Securing MCP servers with 1Password: Stop credential exposure in your agent configurations | 1Password What’s new in 1Password Enterprise Password Manager - Q4, 2025 | 1Password Belonging as a catalyst for high performance | 1Password A simpler, faster way to unlock 1Password | 1Password Oracle Red Bull Racing Episode 4, CIO Matt Cadieux | 1Password 70% of IT and security pros say SSO is falling short | 1Password 1Password's Phishing Survey: Avoid Holiday Phishing Scams | 1Password Securing the Win | 1Password SaaS optimization: How to maximize value and reduce costs | 1Password The enterprise AI crisis: Unsanctioned tools and unenforced policies | 1Password An Identity Security taxonomy for Agentic AI | 1Password Introducing new .env file support in 1Password environments | 1Password Speed and security: Mark Hazelton on protecting Oracle Red Bull Racing’s most valuable asset – its data | 1Password 1Password for Good: Giving back during cybersecurity awareness month | 1Password Utah Mammoth and Utah Jazz score with identity security | 1Password Oracle Red Bull Racing CEO and Team Principal | 1Password Three signs you need a SaaS Management Platform | 1Password Closing the credential risk gap for AI agents using a browser | 1Password Microsoft and Dropbox password managers are sunsetting: What it means and what to do next | 1Password From hackathon nerves to internship wins: Kavya’s journey at 1Password | 1Password 1Password now available in Comet, the AI-powered browser by Perplexity | 1Password 1Password announces new integration with Zscaler | 1Password Breaking the mold: Why more women should consider a career in sales | 1Password What security leaders need to know about mergers and acquisitions | 1Password Clickjacking: What it means for 1Password users | 1Password AI and security at Black Hat: 5 key takeaways from a security expert panel | 1Password Blog | 1Password Do any CISOs feel lucky? | 1Password How to lead with confidence in the AI era: a conversation with Nancy Wang, VP, Engineering | 1Password New Device Trust Check makes browser extension enforcement easier | 1Password Purpose, performance, and trust: Inside the culture powering 1Password’s next chapter | 1Password Now available on Pax8 Marketplace: 1Password Enterprise Password Manager - MSP Edition | 1Password The security principles guiding 1Password’s approach to AI | 1Password Choosing the right SaaS management platform for your business | 1Password Simplify access reviews with 1Password SaaS Manager | 1Password How great usability tripled Duke University's password manager adoption | 1Password
Password habits are worsening, but leaders see a path to passwordless | 1Password
info@1password.com (Elaine Atwell) · 2025-11-13 · via Blog on 1Password Blog

Poorly managed credentials are among the most stubborn problems for security and IT teams, and authentication is one of the areas where the Access-Trust Gap is widest. But even as credential-based attacks remain a major threat to security, there are positive signs that companies are moving toward a passwordless future.

An infographic that says "89% of security and IT professionals say their company is encouraging or planning to encourage employees to shift their logins to passkeys."

This blog is part three in our series analyzing the 1Password Annual Report 2025: The Access-Trust Gap

  • To read part one, which addresses AI governance, click here.

  • To read part two, on SaaS management, click here.

  • If you haven’t had a chance to read the full report yet, download it here

In this blog, we’ll address the third section of the report, on credentials. We’ll walk through some of the report’s most eye-opening findings and how IT and security teams can translate them into actionable priorities. 

We’ll also explore how 1Password helps close these gaps via 1Password Extended Access Management, a suite of solutions that includes our Enterprise Password Manager, 1Password SaaS Manager (formerly Trelica by 1Password), and 1Password Device Trust. 

Credential risks remain high, but companies are embracing passwordless authentication

For years, weak and compromised passwords have been the most common path for bad actors to breach organizations. Yet leaders and employers alike are embracing and adopting more secure authentication methods, even as the complete elimination of passwords remains an elusive goal.

Credential and authentication statistics from the report

  • 66% of employees report having poor password hygiene (e.g., using default passwords, reusing the same password for multiple accounts).

  • 44% of CISOs report that employees using weak or compromised passwords is one of their top security challenges

  • 89% of security and IT professionals say their company is encouraging employees to shift logins to passkeys

In F1, data is everything, so we can't compromise on security, but we also can't afford tools that slow us down. Credential and secrets management was an area where we saw an opportunity to improve on both security and speed, by reducing the amount our team has to directly handle credentials.” - Mark Hazelton, CSO of Oracle Red Bull Racing

Imperative: Passwordless

As the report explains: 

'Passwordless’ authentication isn’t a binary, and passwords are unlikely to be fully deprecated anytime in the foreseeable future. With that in mind, the goal of passwordless should be to remove users as much as possible from the authentication flow, so their exposure to raw credentials is minimized.”

With that in mind, IT’s priorities include:

  1. Define your roadmap and process to replace weak passwords with unique passwords, add MFA, and transition to passwordless authentication, including passkeys.

  2. Equip employees with clear guidance and ongoing support with transitioning to strong passwords, MFA, and passwordless solutions.

  3. In the cases where passwords remain necessary, require the use of an enterprise password manager to facilitate secure storage and sharing of credentials.

How 1Password helps close the Access-Trust Gap for authentication

All three Extended Access Management solutions help companies accelerate their path to passwordless authentication, but we’ll focus on the capabilities of the Enterprise Password Manager (EPM). 

Define your roadmap and process to replace weak passwords with unique passwords, add MFA, and transition to passwordless authentication, including passkeys

EPM provides admins with a dashboard that tracks the company’s password risk exposure, surfacing issues such as weak and reused passwords and accounts without 2FA. With this complete picture of authentication, admins can triage their most urgent risks.

Equip employees with clear guidance and ongoing support with transitioning to strong passwords, MFA, and passwordless solutions

Admins can use EPM to notify users when stronger authentication options are available and guide or require them to adopt them. 

In the cases where passwords remain necessary, require the use of an enterprise password manager to facilitate secure storage and sharing of credentials

Managing passwords is the foundation of 1Password’s business. 1Password EPM encourages users to create strong, unique passwords, supports secure sharing – whether for developer secrets or social media logins – and gives admins centralized control, essential for secure onboarding and offboarding.

Meanwhile, 1Password Device Trust helps enforce policies by verifying that EPM is installed and working correctly.

Explore 1Password EPM with an interactive demo

Close your Access-Trust Gap with 1Password

The report’s data makes clear that businesses need to reconcile security with their employees’ productivity and convenience. Make it simpler to use strong credentials than it is to recycle old passwords, and make it even easier to use passwordless methods wherever possible. Only then can companies practice their Zero Trust principles and close the Access-Trust Gap.

To learn more about how 1Password can help you secure your business without slowing you down, reach out to us today.