# Decoding tomorrow: Developer secrets, security and the future of passkeys Bitwarden surveyed more than 600 developers to understand how they perceive and implement security best practices. --- In this inaugural study, Bitwarden surveyed more than 600 developers to understand how they perceive and implement security best practices. The survey also polled attitudes and adoption practices related to IT security technologies and trends, including passwordless authentication, secrets management, and the cybersecurity risks associated with the rise of generative AI. [Embedded content sectionCta] ## Table of Contents [Secure-by-design](https://bitwarden.com/it-it/resources/security-survey-developer-secrets-and-the-future-of-passkeys/#developers-value-secure-by-design-but-fall-short-of-best-practices/) [Generative AI](https://bitwarden.com/it-it/resources/security-survey-developer-secrets-and-the-future-of-passkeys/#generative-ai-offers-both-promise-and-peril/) [Passkeys](https://bitwarden.com/it-it/resources/security-survey-developer-secrets-and-the-future-of-passkeys/#passkeys-while-valuable-wont-replace-passwords/) [Resources](https://bitwarden.com/it-it/resources/security-survey-developer-secrets-and-the-future-of-passkeys/#additional-resources/) ## Developers value secure-by-design but fall short of best practices - Almost all (94%) cite ‘secure by design’ principles as **very** or**extremely**important in the development process. - Although ‘secure-by-design' principles are important to developers, 26% claim implementation is **too time consuming** and 18% say they’re **too understaffed** and working tight deadlines. - And, practices like hard-coding secrets in source code (65%) and keeping secrets in clear text (55%) prevail. ![Risky secrets management practices persist](https://bitwarden.com/assets/K5N6LzBin5T7ujMLFp5Uz/35bfaa2addeec2ff4f38bab7b9b1edc1/risky_secrets_management.png) ## Generative AI offers both promise and peril - Over three-fourths (78%) strongly or somewhat believe generative AI will make maintaining [data security](https://bitwarden.com/it-it/blog/gramm-leach-bliley-act-data-security-practices/) more challenging. - Most (83%) have significantly or somewhat invested in AI technology. However, unsecure use is prevalent: 30% have entered developer secrets into a generative AI platform, 24% have entered privileged credentials, and 25% have entered social security numbers. - Over a third (38%) believe AI will pose the biggest cyber threat 5 years from now, followed by ransomware (19%) and poor cyber hygiene (16%). ![Risky use of generative AI is pervasive](https://bitwarden.com/assets/5lLK2vpjAu7dgwkH2kIS2B/5c6c9cc03641269855868e36eed7b2b0/risky_use_gen_ai.png) ## AI: A Renewed Need for Cybersecurity Survey finds 78% of developers identify AI as a security risk, yet they continue to input sensitive credential, financial and health data into AI platforms. ## Passkeys, while valuable, won’t replace passwords - A majority (88%) have a highly favorable or favorable attitude towards [passkeys](https://bitwarden.com/it-it/blog/how-do-passkeys-work/) and passwordless features. - Over two-thirds (68%) of developers have used passkeys for accessing work applications; 60% for accessing personal applications. - But while [FIDO2](https://bitwarden.com/it-it/blog/fido2-webauthn-2fa-in-all-bitwarden-plans/) and passkeys have received attention as a potential password alternative, just 36% think they will replace passwords. ![Passwords are (yes, still) here to stay](https://bitwarden.com/assets/4xetX4NEy5j4S9pER42RHl/b03dc421d798e59b6e7695725a79b350/passwords_here_to_stay.png) ## Passwordless Authentication: Balancing Security and Convenience 68% of developers have embraced passkeys for work applications, indicating a shift towards modern authentication technologies. Over a third (36%) see FIDO2 and passkeys as likely successors to passwords. ## Additional Resources View the full report: [Decoding Tomorrow: Developer Secrets, Security and the Future of Passkeys](https://docs.google.com/presentation/d/1AoEg_q3z7gXaYm1KurpLE2WCjwc_hYYVLlFAIyStlsc/edit#slide=id.g284bbf5bf14_0_100) Check out [The Survey Room](https://bitwarden.com/it-it/resources/the-survey-room/) for additional cybersecurity research or visit [bitwarden.com/secrets/](https://bitwarden.com/it-it/http://bitwarden.com/secrets/) to learn more about coding securely. ## Business ### Teams *Per team e aziende in crescita che devono muoversi rapidamente.* **$4** *al mese / per utente, con fatturazione annuale* **Nessun compromesso** Tutte le funzionalità Premium, più funzionalità avanzate come: - Condividi le credenziali in modo sicuro - Controlla le attività con i log eventi - Sincronizza la directory esistente - Automatizza il provisioning con SCIM [Avvia la prova gratuita](https://bitwarden.com/go/start-teams-trial/) --- ### Enterprise *Per aziende che necessitano di protezione e controllo avanzati.* **$6** *al mese / per utente, con fatturazione annuale* **Massima protezione** Tutte le funzionalità Premium e Teams, più funzionalità di livello enterprise come: - Controllo granulare degli accessi - Integrazione SSO senza password - Recupero account semplificato - Flessibilità di self-hosting - Mitigazione dei rischi con Access Intelligence [novità] - Piano Families gratuito per tutti gli utenti [Avvia la prova gratuita](https://bitwarden.com/go/start-enterprise-trial/) --- ### Talk to Sales *For large organizations, talk to an expert about a tailored plan and learn how Bitwarden can:* *per month* - Reduce cybersecurity risk - Boost productivity - Integrate seamlessly Bitwarden scales with any sized business to bring password security to your organization [Richiedi un preventivo](https://bitwarden.com/contact-sales/) --- Pricing shown in USD and based on an annual subscription. Taxes not included.