Dashlane, creator of one of the best password managers out there, presents new research examining which major websites are best suited to using passcode technology.
Passcodes are an alternative form of two-factor authentication that uses a cryptographic key stored on a personal device, which is then typically verified using biometric data such as a fingerprint or facial recognition.
Passcodes are resistant to phishing and brute force, and even if an attacker has the device containing your passcode, they can't use it, making them a great alternative to passwords.
Which websites ask for passwords?
The findings of the inaugural Passkey Report expose the domains and industries paving the way for passkeys.
Consumers are largely driving passcode adoption, with frequently used websites including social media sites, finance and payment sites, and e-commerce, with Amazon, Target, and eBay among the four fastest-growing passcode domains since Q2 2024, highlighting the significant driving force of e-commerce sites.
In the financial sector, sites like Coinbase, Binance, Moneybird, and Stripe lead the pack, as they focus more on improving the security of their sites than attracting consumers. Financial and payment sites are a lucrative target for attackers, especially those offering cryptocurrency wallets. Therefore, securing these sites is of utmost importance to protect both the revenue and reputation of each brand.
When broken down by industry, e-commerce accounts for 41.7% of sites driving password adoption, followed by software services at 19.9% and finance and payments at 14.4%. Dashlane cites a FIDO study indicating that the average US consumer abandons a purchase or stops using an online service about 4.76 times per day because they forget their password. By introducing passwordless access, websites can capitalize on lost revenue.
Dashlane also notes that passcode authentications using its service have grown by more than 400% since the beginning of the year, reaching 200,000 authentications per month.
“The friction users experience when they forget or reset their passwords costs businesses millions of dollars in lost revenue and time,” said John Bennett, CEO of Dashlane. “Compromised and weak passwords remain at the heart of most breaches, causing immense financial and reputational damage.”