Traditional identity verification methods have become less effective, and they’re exposing organizations to dangerous cyberattacks. But a risk management approach that includes multi-factor authentication, among other tools, can safeguard agency networks and data.
Discover the advantages and disadvantages of how you combine different factors. If you still think a password plus an SMS text code is MFA, you really need to read this article!
Before I can demonstrate the ultimate way to secure passwords and password management, I need to first discuss the truth about MFA.
It is true that increased sophistication of certain cyberattacks require equally serious emergency preparedness. But let’s not make it so easy for cyber criminals to take advantage of us by following a few simple guidelines to protect ourselves and the public organizations we work for.
Security or convenience is no longer an acceptable trade-off when it comes to cybersecurity. They must be mutually inclusive, otherwise employees will circumvent security for their own personal convenience. NIST and Microsoft understands this to a degree, but in the latest NIST Password Guidelines SP 800-63-3 the recommendations favors password convenience over password security.
Don’t kill passwords because the industry is confused between password authentication and password management.
Yes, Passwords are Secure! They are not going away; they can’t. The attacks we see daily is not a password authentication problem, but rather a password management nightmare. Has your organization put their employees into the role of Network Security Administrator? If you allow them to generate, remember, type, manage and know their logon passwordsRead… Read more »