Password friction and lockouts: what IAM teams need to fix


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3218
Topic starter  

TL;DR: Authentication processes stopped 60% of 2,000 US office workers from doing their job, while 59% had contacted IT after being locked out and 15% said fixes took nine hours or longer, according to Axiad’s survey. The pattern shows authentication friction is now a productivity and governance problem, not just a user experience complaint.

NHIMG editorial — based on content published by Axiad: Do passwords impact productivity?

Questions worth separating out

Q: How should IAM teams reduce password-related productivity loss?

A: They should start by measuring where password failures interrupt work most often, then redesign the highest-friction journeys first.

Q: Why do passwords create more than a security problem?

A: Passwords create a productivity problem because every forgotten credential, lockout, and reset interrupts work and consumes support time.

Q: How do you know if passwordless authentication is actually working?

A: Look for fewer lockouts, fewer reset tickets, and shorter time to restore access without increasing help desk escalation.

Practitioner guidance

  • Measure authentication friction as an operational control metric. Track lockouts, reset volume, and mean time to restore access for critical user groups.
  • Prioritise passwordless for the highest-friction workflows. Start with the applications that generate the most help desk traffic or business interruption.
  • Close MFA policy gaps where adoption remains optional. Map where MFA is only recommended, selectively enforced, or bypassed through exceptions.

What's in the full article

Axiad's full blog post covers the survey detail this post intentionally leaves for the source:

  • Full survey breakdown of the 2,000-worker sample, including the workplace behaviours behind password frustration.
  • The complete question set on authentication pain points, including lockouts, forgotten passwords, and help desk contacts.
  • Axiad's original framing of how password issues affect productivity and employee experience.
  • The survey methodology notes for the OnePoll study conducted in September 2021.

👉 Read Axiad's survey on passwords and workplace productivity →
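The friction metrics named in the guidance above (lockouts, reset volume, time to restore access per user group) can be computed from identity-provider events. The sketch below is an added example, not part of the original post or Axiad's survey; the event names, the CSV layout and the sample rows are constructed assumptions, and the nine-hour threshold mirrors the survey figure quoted in the TL;DR.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime
# Constructed sample events (assumed schema): time,user,group,event
SAMPLE_EVENTS = """\
2024-03-04T08:02:00,alice,finance,lockout
2024-03-04T08:05:00,alice,finance,reset_ticket
2024-03-04T08:47:00,alice,finance,access_restored
2024-03-04T09:10:00,bob,finance,lockout
2024-03-04T19:40:00,bob,finance,access_restored
2024-03-04T10:00:00,carol,engineering,lockout
2024-03-04T10:20:00,carol,engineering,access_restored
2024-03-05T11:00:00,dave,engineering,lockout
"""

def friction_metrics(raw, slow_hours=9):
    """Per-group lockouts, reset tickets, mean restore time, slow and open cases."""
    stats = defaultdict(lambda: {"lockouts": 0, "reset_tickets": 0,
                                 "restore_minutes": [], "open_lockouts": 0})
    locked_since = {}  # user -> (group, time of the lockout still awaiting restore)
    rows = sorted(csv.reader(io.StringIO(raw)), key=lambda r: r[0])
    for ts, user, group, event in rows:
        when = datetime.fromisoformat(ts)
        if event == "lockout":
            stats[group]["lockouts"] += 1
            locked_since.setdefault(user, (group, when))  # repeat lockouts keep first start
        elif event == "reset_ticket":
            stats[group]["reset_tickets"] += 1
        elif event == "access_restored" and user in locked_since:
            grp, start = locked_since.pop(user)
            stats[grp]["restore_minutes"].append((when - start).total_seconds() / 60)
    for grp, _ in locked_since.values():
        stats[grp]["open_lockouts"] += 1  # never restored: must not vanish from the report
    report = {}
    for group, s in stats.items():
        mins = s["restore_minutes"]
        report[group] = {
            "lockouts": s["lockouts"],
            "reset_tickets": s["reset_tickets"],
            "open_lockouts": s["open_lockouts"],
            "mean_restore_minutes": round(sum(mins) / len(mins), 1) if mins else None,
            "slow_restores": sum(1 for m in mins if m >= slow_hours * 60),
        }
    return report

if __name__ == "__main__":
    for group, metrics in sorted(friction_metrics(SAMPLE_EVENTS).items()):
        print(group, metrics)
```

Counting unrestored lockouts separately matters: averaging only closed cases makes a group with long-running open lockouts look healthier than it is.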

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 1804
 

Password friction is a governance failure, not just a user complaint. When authentication repeatedly interrupts work, the identity programme is measuring control enforcement without measuring operational cost. That disconnect matters because IAM controls are only effective if people can complete their work without bypassing them. Practitioners should treat high lockout rates as evidence that the access model is misaligned with business use.

A few things that frame the scale:

  • 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, which shows how weak identity oversight remains in many environments.

A question worth separating out:

Q: What role should MFA play when passwords remain in use?

A: MFA should be the baseline control for sensitive access, but it will not solve poor recovery design or inconsistent enforcement. Teams need to make MFA mandatory where risk justifies it, then ensure enrolment and fallback paths do not push users back to passwords. Otherwise, the weakest path stays in place.

👉 Read our full editorial: Passwords and productivity: what 2,000 workers reveal about IAM



   