Multi Factor Authentication is the Future
Veridium Author | December 29, 2016
From our email accounts to our smartphones, we use passwords hundreds of times a day, often without even thinking about it. But time and again we’ve been shown over the last decade that passwords aren’t enough to keep our information safe. From the United Nations website hack in 2007 to the Yahoo hack in 2016, these attacks are growing in both scope and impact. And almost every time, it’s weak or compromised credentials that allow the bad actors access to the systems.
So what’s a security-minded person to do? Switch to multi factor authentication (MFA), for starters.
Why Multi Factor Authentication?
Multi factor authentication is the first and foremost suggestion from every security expert when it comes to creating a stronger point of security for account access. The most basic example is requiring a one-time password (OTP) to be entered after you’ve input your username and password. Many are already familiar with this system, used by companies from Google to Twitter. You enter your cellphone number, and whenever you log in, you’re texted a code that you’re prompted to enter after putting in your password.
This setup adds two important features to the login process. In addition to “something you know” (your password), you’re adding a second factor (your smartphone), and a third factor, the OTP. According to SecurityIntelligence, a recent survey found that 30 percent of enterprises plan to implement an MFA solution in 2017, with 51 percent saying they already use MFA, and 38 percent saying they use it in “some areas” of operation.
InfoSecurity Magazine recently reported that 66 percent of organizations are already using MFA tools, with an astonishing jump to 93 percent in the new year.
“Using a second-factor can be a deterrent but is no longer enough against attacks, and organizations must evolve their methods to safeguard critical points of access such as Single Sign-On (SSO) portals and the VPN,” Keith Graham, CTO of SecureAuth, told InfoSecurity. “By implementing adaptive access authentication, organizations can both eliminate that threat vector and provide an outstanding user experience. The latest advances in adaptive authentication include transparent techniques, such as device recognition, geo-location, the use of threat services, and even behavioral biometrics.”
What’s That About Biometrics?
There are numerous ways to deploy MFA in an organization, with a variety of different factors that can be used for the secondary and tertiary authenticators, and even for the primary ones in place of passwords. But the strongest form of authentication comes from biometrics.
Your fingerprints, iris, and even heart rate are so unique that they provide a key component that should be a part of any multi factor authentication solution. By using a facial recognition scan or a fingerprint as the third factor instead of an OTP (with the primary and secondary remaining your password and smartphone), you create an authentication process that is much harder to duplicate.
The added advantage of biometrics is that you can insert them into any part of the MFA sequence. Instead of a passcode, many of us already use our fingerprint to unlock our smartphones. Deploying this in the enterprise or for our personal accounts is the next logical step.
Of course, we need to be sure that the biometrics solution we’re using is as secure as possible, in order to keep our biometric data both secure and private. Don’t wait another ten years to move beyond passwords and single-factor authentication. Make 2017 the year of multi factor authentication and biometrics.
UPDATE: In October 2017, news sources revealed that Yahoo’s 2013 breach actually affected all 3 billion of its users.