Press Release

Windows password-less authentication will fail and cyber insurance will surge despite soaring costs predicts WatchGuard

In its end of year look ahead, researchers at the WatchGuard Threat Lab predict that while Microsoft Windows password-less authentication will take off in 2022, cyber criminals will be quick to find ways to bypass it. Instead, the Threat Lab believes that the growing cost of cyber insurance will drive the uptake of strong multi-factor authentication (MFA) for remote access, as insurers demand better cyber defences to reduce soaring premiums. 

“While we commend the fact that Windows has gone password-less for digital validation, we also believe the continued focus on single-factor authentication for Windows logins simply repeats the mistakes from history,” says Corey Nachreiner, CSO at WatchGuard Technologies. Windows 10 and 11 will now allow you to set up completely password-less authentication, using options such as biometrics, hardware tokens, or an email with a one-time password (OTP), all of which have been compromised by researchers or cyber criminals. 

“Microsoft could have truly solved the digital identify validation problem by making MFA mandatory and easy to use in Windows,” says Nachreiner. “Organisations should force users to pair two methods of authentication, such as biometrics or tokens with a push approval to your mobile phone sent over an encrypted channel.” 

But if Microsoft does not force companies to embrace MFA, WatchGuard believes that the growing cyber insurance industry may do it instead. As cyber security insurers realise that the pay-out costs to cover ransomware threats have increased dramatically, they are not just demanding higher premiums but also now actively scan and audit the security of clients before providing cover. 
“In 2022, if you don’t have the proper protections in place, including MFA, you may not get the cyber insurance you need at the price you would like,” says Corey Nachreiner. 

According to a report from S&P Global, cyber insurers’ loss ratio increased for the third consecutive year in 2020 by 25 points or more than 72%. This resulted in premiums for stand-alone cyber insurance policies to increase 28.6% in 2020 to $1.62 billion USD. 

For more information and the full set of WatchGuard Threat Lab predictions including videos, go to: WatchGuard's 2022 Cybersecurity Predictions

And to see how last year’s predictions turned out, go to: 

About WatchGuard Technologies, Inc.

WatchGuard® Technologies, Inc. is a global leader in unified cybersecurity. Our Unified Security Platform™ is uniquely designed for managed service providers to deliver world-class security that increases their business scale and velocity while also improving operational efficiency. Trusted by more than 17,000 security resellers and service providers to protect more than 250,000 customers, the company’s award-winning products and services span network security and intelligence, advanced endpoint protection, multi-factor authentication, and secure Wi-Fi. Together, they offer five critical elements of a security platform: comprehensive security, shared knowledge, clarity & control, operational alignment, and automation. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit

For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuardUK on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at Subscribe to The 443 – Security Simplified podcast at, or wherever you find your favorite podcasts.

WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.