The best thing you can say about using a password for authentication is that its better than nothing. High-profile breaches like Equifax have exposed millions of passwords and user IDs. The goal is to make it so difficult to gain access that most cyber criminals will look elsewhere for easier pickings. Many companies use a combination of authentication methods depending on the risk, user considerations and value of the data being protected to reach a reasonable expectation of security, says IBM security expert Dustin Heywood.”]