Hit enter to search

Is 2025 going to be the year of passwordless?

Author Avatar
Boyan Demortier

The concept of a passwordless future has been gaining significant traction in recent years, with many experts predicting that 2025 could be a pivotal year for widespread adoption. Traditional passwords have long been a cornerstone of digital security, but their vulnerabilities—such as susceptibility to phishing, brute force attacks, and the challenges of managing multiple complex passwords—have led to a search for more secure and user-friendly alternatives.

The rise of passwordless authentication

Passwordless authentication methods eliminate the need for traditional passwords by leveraging alternative factors such as biometrics (e.g., fingerprint or facial recognition), hardware security keys, or behavioral patterns. These methods enhance security by reducing reliance on knowledge-based credentials, which are often the weakest link in security frameworks.

When looking at the value of the global passwordless authentication market, we can see a clear rise: A report from Straits Research indicates that this market was valued at roughly $18 billion in 2024 and is projected to grow to over $21 billion in 2025, with an expected reach of $86 billion by 2033. This growth reflects a compound annual growth rate (CAGR) of nearly 19% during the forecast period, underscoring the increasing demand for secure and user-friendly authentication solutions.

Technological advancements and industry adoption

Major technology companies are spearheading the shift towards passwordless authentication. The FIDO Alliance, comprising industry leaders like Apple, Google, and Microsoft, has been instrumental in developing and promoting standards for passwordless logins. Their efforts have led to the creation of passkeys, which utilise public-key cryptography to provide secure and convenient authentication experiences.

In late 2024, Microsoft announced plans to replace traditional passwords for over a billion users, signalling a significant move towards passwordless authentication. This initiative aims to enhance security and user experience by adopting methods such as biometrics and hardware tokens.

The impact of NIS2

The NIS2 directive, which strengthens cybersecurity regulations across the EU, places a strong emphasis on robust authentication measures for critical sectors. One of its key requirements is the implementation of strong authentication mechanisms to mitigate cybersecurity risks.

This aligns closely with the passwordless movement, as organizations seek to comply with NIS2 by replacing weak password-based authentication with more secure alternatives such as biometrics, hardware security keys, and FIDO2 authentication. By adopting passwordless security, businesses not only improve compliance but also enhance overall cybersecurity resilience. 

DDES
Our NIS2 expert Driek Desmet points out that this trend is not limited to the EU:

"Recently, the UK government announced it is preparing to roll out passkey technology across its GOV.UK digital services later this year, replacing SMS-based verification with a more secure and cost-effective alternative that could save millions of pounds annually. This initiative highlights a growing international commitment to eliminating traditional passwords in favour of more robust and user-friendly solutions."

Challenges and considerations

While the momentum towards a passwordless future is strong, several challenges remain:

  • Transitioning from traditional password systems requires significant changes in infrastructure and user education. Organisations must ensure that new authentication methods are not only secure but also accessible and user-friendly to encourage widespread adoption.
  • Additionally, considerations around privacy, especially concerning biometric data, must be addressed. Ensuring that biometric information is stored securely and used responsibly is paramount to maintaining user trust.

Looking ahead

As we progress through 2025, the shift towards passwordless authentication is becoming increasingly evident. With substantial investments in technology and a growing recognition of the limitations of traditional passwords, it is plausible that 2025 will be remembered as the year when passwordless authentication became mainstream.

Want to find out how secure or vulnerable your organisation is? Have a look at our pages on cyber security audit or penetration testing services.

 

NIS2 whitepaper
cybersecurity

Current job openings

We are constantly looking for new colleagues!

If you share our values and you're looking for a challenging job in Belgium's Best Workplace, visit our website.

Apply now

Get our top stories in your inbox every month

Follow us
  

Recent posts
Is 2025 going to be the year of passwordless?

Is 2025 going to be the year of passwordless?

19/05/2025
How Microsoft Power Platform, Copilot Studio, and Copilot Agents work together

How Microsoft Power Platform, Copilot Studio, and Copilot Agents work together

19/05/2025
Don't miss out on Easi at Cybersec Europe 2025

Don't miss out on Easi at Cybersec Europe 2025

19/05/2025

Share this article
  

Related articles
See all blog articles
Is 2025 going to be the year of passwordless?

Is 2025 going to be the year of passwordless?

The concept of a passwordless future has been gaining significant traction in recent years, with...

Read more
Do OT Networks need their own threat monitoring and SOC capabilities?

Do OT Networks need their own threat monitoring and SOC capabilities?

Operational Technology (OT) environments have long been designed with reliability and efficiency in...

Read more
OT security maturity: Why workforce development is also critical

OT security maturity: Why workforce development is also critical

As previously mentioned, the convergence of Information Technology (IT) and Operational Technology...

Read more