Unsurprisingly, all respondents rely on passwords to authenticate users of some business functions. The next most common authentication method, however, is static security questions (26 percent of organizations reported using this type of authentication). Together with a password, this still represents relatively weak authentication.