India MFA adoption sets new security baseline

India MFA adoption has reached 89.4 percent, according to India-specific findings from Okta’s Secure Sign-in Trends Report 2025. The report is based on analysis of billions of anonymised authentications across major customer accounts globally.

The data indicates that Indian enterprises have established a strong baseline in identity protection, significantly exceeding broader international averages for multi-factor authentication adoption.

Globally, the average MFA adoption rate across the workforce stands at 70 percent. In contrast, India-based organisations have moved close to full coverage, positioning the country ahead of many regions in foundational identity security.

Adoption continues to rise year over year

Despite already high penetration, India MFA adoption continues to grow. The report shows a year-over-year increase of 4.1 percentage points, indicating that identity security remains a sustained priority for enterprise leadership.

This growth comes at a time when nearly one-third of global users still lack basic MFA protection. Against this backdrop, India’s near-90 percent coverage stands out as a key differentiator for enterprise security resilience.

Global shift toward phishing-resistant authentication

The report also highlights a broader global trend toward advanced authentication methods. Worldwide adoption of phishing-resistant, passwordless authentication increased by 63 percent.

India’s progress in MFA adoption aligns with this global movement, reflecting a transition from traditional authentication models toward higher-assurance approaches designed to address evolving threat patterns.

Okta perspective on evolving authentication priorities

Commenting on the findings, Shakeel Khan, Country Manager & RVP, Okta India, said India’s MFA adoption rate demonstrates a proactive approach to digital defence by raising the cost of attack for cybercriminals.

He noted, however, that reliance on traditional MFA methods now represents accumulated security debt. According to Khan, the strategic imperative for organisations is to transition toward phishing-resistant, passwordless authentication, where identity moves beyond compliance to become a core element of digital transformation and competitive advantage.

Addressing risks in legacy authentication methods

Mathew Graham, Regional Chief Security Officer APAC, Okta, said traditional factors such as SMS and voice-based authentication are increasingly vulnerable to sophisticated social engineering attacks.

He said data from the report shows that phishing-resistant methods such as WebAuthn and FastPass help close critical security gaps while also reducing friction for users. According to Graham, the objective for security leaders is to build authentication architectures where the most secure sign-in method is also the easiest to use.

Key takeaways for Indian CXOs and IT leaders

The Secure Sign-in Trends Report 2025 confirms that for Indian enterprises, MFA is no longer an optional security layer. With strong adoption already in place, organisations are now positioned to mandate higher-assurance authentication standards.

The report highlights the need to prioritise phishing resistance for sensitive access, phase out low-assurance factors such as SMS, and adopt Zero Trust principles. It also underscores the importance of developing long-term roadmaps to reduce reliance on passwords and ensure identity functions as an enabler of productivity rather than a barrier.

Read More: 

Partner Pulse: Kiosk Technologies | System Integrator(India)

Samsung Business Experience Studio Gurugram launched in India

TO THE NEW GenAI conversational search launched