Passwordless MFA ROI Calculator

Discover the financial returns your business will see by investing in a Phishing-Resistant Passwordless MFA solution

Tell us about your business
Close compliance gaps and qualify to buy cyber insurance.
Your TCO, financial gains, and ROI
8 times your investment
35 times your investment
Double Octopus customers regularly achieve these phenomenal returns on investments.
SEE FULL RESULTS
Helps your workforce move faster, do more
Passwordless MFA streamlines authentication for all of your workforce resources, enterprise-wide: from desktops to remote access and cloud services to business-critical on-prem and legacy apps.
Time to remember & type the password & MFA
15 sec

Default value is based on empirical test by author for 12 char complex password, your time may vary. SDO passwordless MFA takes ~ 5 sec.

Average number of logins in a working day
20/day

20 was chosen as default based on the author’s personal experience and a small survey of the author’s acquaintances. Change the value to best fit your workforce.

Workforce FTE recovered with Full Passwordless MFA
$560,417
Eliminate Help Desk Password Resets
Full Passwordless helps lower the costs of authentication by eliminating helpdesk password rests and other password administration tasks.
Number of account lockouts per year, per worker
8 /yr

According to Slack and Gartner, average number of password reset help desk calls per employee is 8 per year:

Time for helpdesk & user to resolve lockout ticket?
8.6 mins

Research indicates average time to resolve help desk ticket is 8.6 mins:

Time for users to task switch back to productive work
9.5 mins

Research shows it takes up to 9.5 minutes for employees to get back into a workflow after switching tasks:

Help Desk FTE not resetting password impact
$46,268
Workforce FTE not calling Help Desk for reset impact
$97,378
Slash the Attack Surface
Phishing-resistant passwordless MFA is an effective preventative measure against multiple types of attacks. Removing passwords as a means to authenticate users renders many of the most common and successful attack techniques useless.
Frequency of data breach (per year)
0.50/yr

½ incident occurrence was chosen as default based on Thales research indicating 50% of business experience a data breach each year. You may wish to increase or decrease based on your risk exposure:

Avg cost of data breach
$4,240,000

Total cost of data breach was derived from IBM research: You may wish to change value based on your risk exposure:

% of data breaches due to users and their credentials
82%

Verizon DBIR indicates 82% of attacks exploit user and their credentials:

Your financial gain by avoiding data breaches, annually
$1,738,400
Business valuation loss after a data breach
3.6%

Research indicates companies working through data breaches lose 3.6% of company valuation within the first 110 days, 15% after 3 years. You may wish to change value based on your risk exposure:

Your business valuation improvement with Full Passwordless MFA
$1,476,000
Close compliance gaps and qualify to buy cyber insurance
Enterprise-wide passwordless MFA fulfills compliance and cyber insurance qualification gaps while paying business dividends by slashing the attack surface and improving workforce productivity.
Desktop and application MFA mandate
Remote worker (VPN) MFA mandate
Password rotation requirement
SDO Total Cost of Ownership Annual Estimate
Passwordless MFA streamlines authentication for all of your workforce resources, enterprise-wide: from desktops to remote access and cloud services to business-critical on-prem and legacy apps.
Here is the total cost of ownership (TCO) estimate used in the ROI calculations. This estimate incorporates the following items based on your inputs:
$91,155

“The default TCO estimate is based on the information you provided. However, after speaking with SDO sales, you can change it to your actual cost to produce your business justification report.”

  1. Annual subscription fee for the specified workforce size.
  2. Implementation service hours commonly requested by our customers.
  3. Your Workforce user enrollment: self-enrollment and workflow familiarization time (SDO experience: ~30 mins).
  4. Administration overhead (SDO experience: one FTE per 10-20 thousand users).
Download the report for your business justification communications
Download

Number of employees and contractors who need Fully Passwordless 1,000
Company’s estimated valuation $50M
Weighted full-time equivalent (FTE) cost $80,700/yr
Predicted frequency of data breaches (per year) 0.50/yr
Estimated total financial impact of a single data breach $4,240,000
   IBM research indicates $4.2M per incident
Percentage of data breaches originating from users and their credential exploited 82%
   Verizon DBIR report indicates 82%
Business financial gain by avoiding data breaches $ 1,738,400
Percentage estimated business valuation loss after a data breach 3.6%
   Research indicates companies working through data breaches lose 3.6% of    company valuation within the first 110 days, 15% after 3 years.
Your business valuation improvement with Full Passwordless MFA $4.25014
Slashing the attack by surface pays dividends $3,214,400
Time to remember, type the password, and perform traditional MFA 15sec
The average number of logins in a working day per user 20/day
Total workforce FTE improvement with Full Passwordless MFA $280,208
Number of account lockouts per year, per worker 8/yr
Time for helpdesk & user to resolve lockout ticket 8.6mins
Time for users to task switch back to productive work 9.5mins
   Research shows it takes up to 9.5 minutes for employees to get back into a      workflow after switching tasks
Help Desk FTE improvement by eliminating password reset tasks $46,268
Workforce FTE improvement not calling Help Desk for password reset $97,378
Desktop and application MFA mandate Yes
Remote worker (VPN) MFA mandate Yes
Password rotation requirement Yes
Full Passwordless MFA total cost of ownership (TCO) $91,155
Workforce productivity FTE company-wide improvement. $423,854
Return times the investment 11 X
Slashing your attack surface by 82% pays dividends $3,214,400
Return times the investment 27 X

FAQs

What is the Passwordless MFA ROI calculator?

The passwordless MFA ROI calculator is a financial analysis tool IT leaders use to determine if investing in passwordless MFA makes sense for their business. Just fill in the number of workers, the approximate market value of your company, and the Full-time equivalent (FTE) for workers and you’ll see productivity and security posture improvements based on default assumptions. Open the second section to run “What If” scenarios specific to your organization and create a PDF of calculation results to share with other decision-makers and the discussion.

How does the Passwordless MFA ROI calculator demonstrate attack surface reduction?

Estimating the value of preventing a security event from happening is tricky. The passwordless MFA ROI Calculator incorporates industry statistics on the frequency of identity attacks and financial damages resulting from these attacks on a business. Customize your known risks to tune calculations.

How does implementing Passwordless MFA impact user productivity, and is this quantified?

The passwordless MFA ROI calculator only scratches the surface of potential user and IT admin productivity gains achieved by eliminating passwords. The calculator incorporates the accumulated time saved by users at every login cycle and the productivity killer–password lockout Help Desk calls–from both sides. Additional savings come from eliminating quarterly password rotation cycles and freeing up cycles for IT innovation.

How long does it take to implement Octopus?

Not long at all. The Double Octopus Passwordless MFA solution is different and better than other passwordless technologies because it works with modern SSO and FIDO2 apps and the essential password apps driving your business. Other passwordless technologies (WHfB, Okta FastPass, etc.) force IT to do the heavy lifting matching their integration model, which means altering what you already have in place (apps, directories, authenticators).

With Octopus, you don’t recode apps or re-architect identity infrastructure to go passwordless. Connecting Octopus Cloud to your infrastructure and starting onboarding users takes about an hour (watch the video). To get enterprise-wide coverage, you will finish in days or weeks (instead of months and years).