AI Exposes the Limits of Password-Based Identity Security

Imprivata's Joel Burleson-Davis on AI-Driven Identity Sprawl, Password Phishing Tom Field (SecurityEditor) • December 29, 2025

Artificial intelligence is reshaping identity security by proliferating non-human identities. As enterprises prepare for 2026, organizations face growing pressure to rethink access controls and replace legacy authentication models, said Joel Burleson-Davis, chief technology officer at Imprivata.

See Also: Going Beyond the Copilot Pilot - A CISO's Perspective

"What we're seeing as we move into 2026 is this explosion of all the different things that we have to take into account, including machine identities and AI identities. That is going to be a huge sort of trend and challenge for 2026," Burleson-Davis said.

Traditional authentication methods struggle to withstand AI-enabled attacks, especially as threat actors use automation and phishing to exploit gaps in legacy workflows. "With the presence of deepfakes or AI attacks … it gets easier to phish a password … to convince a help ...