Password resets in healthcare: what passwordless changes for IAM teams

TL;DR: Healthcare organisations report that password reset volume is straining help desks and disrupting clinical work, with 43% citing high reset volume as a top authentication challenge and 40% of IT leaders naming increased workload as a key negative impact, according to Imprivata research. Passwordless access matters because it removes a recurring operational failure in human identity workflows, not just a convenience issue.

NHIMG editorial — based on content published by Imprivata: reducing password reset tickets and the case for passwordless access in healthcare

By the numbers:

• 40% of healthcare IT leaders cite increased IT and help desk workload as one of the top negative impacts from password management at their organisation.
• 85% of healthcare IT and security leaders view passwordless authentication as a vital component of their long-term identity security and access strategy.

Questions worth separating out

Q: How should healthcare organisations reduce password reset tickets without weakening access security?

A: Move routine recovery away from password-first support and into self-service flows backed by strong identity verification.

Q: Why do password resets create more risk in healthcare than in many other sectors?

A: Healthcare combines time pressure, shared devices, remote access, and critical workflows, so reset decisions are often made quickly and with limited context.

Q: What do organisations get wrong about passwordless access?

A: They often treat it as a user convenience upgrade rather than an authentication architecture change.

Practitioner guidance

• Map reset volume as an identity risk metric Track password reset demand by role, shift pattern, and system type so you can see where authentication design is creating operational drag and exposure.
• Redesign self-service recovery for clinical workflows Build recovery paths that work for shared workstations, mobile devices, and rotating shifts without relying on help desk escalation.
• Prioritise passwordless on the highest-friction access paths Start with the systems and user groups that generate the most resets, then expand to broader clinical access patterns once the recovery flow is stable.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

• Quantified findings on how often healthcare teams are dealing with password reset demand and where the workload lands.
• The article's discussion of self-service password reset and identity verification flows for on-site and remote staff.
• The specific role of biometric, FIDO2-based, and adaptive authentication methods in removing password dependency.
• The source's framing of how passwordless access supports both clinical productivity and security operations.

👉 Read Imprivata's analysis of password reset pressure and passwordless access in healthcare →

Password resets in healthcare: what passwordless changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →