Secret Double Octopus Releases 2026 State of Identity Security in Financial Organizations Report
Survey of 200 IAM Leaders Reveals a Dangerous Confidence Gap: 82% Trust Their Authentication Controls Even as Phishing Surges and Just 28% of MFA Is Phishing-Resistant
Secret Double Octopus (SDO), the leader in enterprise-grade passwordless authentication, today announced the release of its 2026 State of Identity Security in Financial Organizations report. The study, based on a survey of 200 IAM leaders and stakeholders at financial services firms across the US and Canada, exposes a sharp disconnect between how protected these organizations believe they are and what their own responses reveal about the maturity of their identity security controls.
The headline finding is a confidence gap that should concern every security leader in the sector. While 94% of respondents reported that phishing attacks increased over the past year and only 28% of the MFA they use for workforce authentication is phishing-resistant, a striking 82% said they are confident their current controls can mitigate account takeover risk. As phishing-resistant and passwordless authentication become the regulatory baseline for strong authentication, that confidence looks increasingly difficult to justify.








