Businessman touch fingers to scan reset password login online concept, cyber security and entering username and password of social media, log in smartphone online bank account, data protection hacker.
Image: Bussarin/Adobe Stock

Many individuals do not know how to account for, much less manage, their digital identities once they are stampeding in the wild, according to a new study.

Approximately 71% of respondents to a survey of identity and access management company Okta’s first Customer Identity Trends Report said they are aware that their online activities leave a data trail. Sixty-two percent of that group — 44% of respondents overall — reported that they have tried to manage their digital footprint.

For the research, the company polled 21,512 consumers across North America, Europe, Asia and Australia in August 2022 and February 2023.

The study said that given the strong competition for customer attention, “findings suggest that brands that want to build long-term customer loyalty should be transparent about what data is needed and how it’s used to power a private, secure, and convenient experience, and should provide customers with tools to manage their preferences.”

Jump to:

Difficulty accessing accounts is widespread

Americans are frequently having trouble accessing their accounts, with over a third of Okta survey respondents saying that at least once a month they could not access an account because they forgot their username or password. On average, 28% of all survey respondents said they deal with forgetfulness by resetting their password or username.

Americans want more ease, data control in digital transactions

In the study, 65% of Americans polled said they would be more likely to spend money when services offered a simple, secure and frictionless log-in process. However, 73% said they would compromise a frictionless user experience with a brand in order to have more control over data.

“Customers want frictionless, personalized, and instantaneous experiences when logging in to apps and making purchases; at the same time, they want to control what data they share, and they want appropriate security controls in place to protect it,” said Shiven Ramji, chief product officer for customer identity at Okta. “But, finding the right balance between these two can be a challenge: Some amount of friction is necessary both to establish trust and to provide necessary security controls that protect a user’s sensitive information and combat fraud.”

According to Okta’s study:

  • Seventy-three percent of Americans said they have 10 or more active account-based apps and websites (online shops, banks, insurance fitness and restaurants, for example).
  • Thirty-nine percent have 10–20 apps; 24% have 20–50 apps; and 10% have 50–100 accounts.
  • Of the 57% of Americans who said they still have access to all of the accounts, products and services they have registered with, 39% said they manually track their login information, and 18% use a password manager.

The majority (86%) of Americans believe that it is important that they have control over their data when interacting with a brand online and 65% said they are more likely to spend money if they know the log-in process is simple, secure and frictionless.

Wrangling passwords and logins leads to abandoned shopping carts and brand engagement

According to research by Okta’s Customer Identity Cloud (formerly Auth0) 83% of consumers have abandoned their cart or sign-up attempt because the log-in process was too complicated. Often, the culprit is a long-forgotten password.

The research also spotlighted the top pain points around registering and logging in to accounts:

  • Filling up long log-in or sign-up forms (39%)
  • Entering private or sensitive information, such as a passport number (38%)
  • Creating a password that must meet certain requirements (37%)

More than half of Americans (53%) said that logging in to social media accounts with traditional username and password is the most convenient and secure way to interact with a brand online, followed by multi-factor authentication (42%) and passwordless login (38%).

The top three measures Americans take to protect their own data are:

  • Using strong passwords (67%)
  • Restricting the data they have to share as much as possible (49%)
  • Deleting cookies on a regular basis (43%)

Only 30% of those surveyed use a password manager to protect their own data.

For all industry verticals, the percentage of Americans wanting data control is above 80%. The majority (86%) of Americans said that it is important that they have control over their data when interacting with a brand online. Americans favored control more than the global average across every industry. The percentages, by vertical, of Americans who said they want control over their data are:

  • Retail and hospitality: 88% of Americans said it is important to have control over their data.
  • Financial services and insurance: 91%
  • Public sector: 86%
  • Health care: 89%
  • Transportation and travel: 82%
  • Media and entertainment: 82%

Ramji said individuals’ data sprawl has implications for enterprises.

“The more accounts a user has, the greater their exposure to data breaches — especially when many of those accounts are forgotten or otherwise not maintained (a consequence of account churn),” he said. “A breach to any one of these services may equip a threat actor with a huge volume of user credentials and associated personal data.”

Ramji said that given the strong competition for customer attention, brands that want to build long-term relationships with customers must be transparent about what data is needed and how it’s used to power a private, secure, and convenient experience.

“That is the basic requirement from consumers and something that shouldn’t be compromised,” said Ramji.

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays