Bitwarden, the company behind the popular password manager, has released a brand new survey aimed at uncovering how developers feel about AI, passkeys, and much more. Bitwarden worked with Propeller Insights to survey 600 developers across a wide range of industries who play a critical role in software development. The survey, conducted in Fall 2023, gathered insights from 300 in the US and 300 in the UK on cybersecurity practices.
The survey shows that developers value implementing “secure by design” measures but are being hindered by technical challenges, staffing concerns, and limited security training. As development teams continue to manage a large number of passwords and other secrets, they must also guard against data breaches that are considered to be a major threat to their companies and leverage generative AI tools that offer promise but also bring forth other concerns. Here are some key findings from the survey:
- Developers are inputting a significant range of sensitive data into generative AI platforms, with potential risks involving developer secrets (35%), employee review data (30%), meeting details (29%), and more.
- 78% of software developers see generative AI as a concern for data security, but 83% of respondents note their organizations have already invested in AI technology to manage or analyze data, or both.
- 68% of software developers have used passkeys for work applications, yet only 36% believe FIDO2 and passkeys could replace passwords completely
- 48% of those surveyed revealed that wider adoption of passkeys will be a challenge over the next five years due to passwordless technology’s compatibility with legacy systems and password-dependent applications.
- Other developers consider education and adoption (17%) as hurdles for transitioning users to new authentication systems and balancing security benefits against what users can easily use
- 60% of developers manage 100 or more secrets; practices like hard-coding secrets in source code (65%) and keeping secrets in clear text (55%) are still widely used.
- 54% of developers surveyed spend 5 to 15 hours each week just managing secrets, showing a clear need for solutions to cut down this time.
- 91% of developers undergo security training annually, yet 21% engage in risky behavior, such as using public computers to access work data and networks.
“2024 Developer Survey highlights a move toward modern authentication like passkeys in work applications,” said Bitwarden CEO Michael Crandell. “However, it also shows risky practices continue despite regular security training. This data underscores the industry-wide challenge of translating security awareness into action. It’s clear there’s a need for accessible tools to help the developer community and organizations manage secrets securely, enforce strong authentication, and handle the risks of AI, while keeping innovation on track.”
9to5Mac’s Take
One of the key things I noticed was that people surveyed cited the implementation of a secret-management solution for their team in the year as an immediate priority. It’s clear that even in the wake of a fully passkey-driven world, enterprise password management solutions are here to stay.
Download the entire survey to learn more
FTC: We use income earning auto affiliate links. More.