Hardware MFA: Death to the password!
Passwords as a form of authentication are lame, and everyone knows it, but sadly, no one has taken the steps to replace or augment them. Passwords have been around since the days of the bell bottoms, and they are in dire need of a makeover. Leave the bell bottoms to Jimi Hendrix, Led Zeppelin, and Black Sabbath, so the rest of us can move forward to augmenting and replacing passwords.
Painful Password Statistics
Before I begin, I'll explore why a change is needed:
- According to the Verizon 2013 Data Breach Report [1], weak or stolen credentials account for 76% of network intrusions, and more than 50% use some form of hacking.
- A 2013 SplashData study [2] on data from an Adobe breach showed the top five most used passwords are: 123456, password, 12345678, qwerty, abc123.
- A 2014 Trustwave Global Security report [3] said weak passwords contributed to 31% of compromises investigated.
Without picking on any one organization, choose a company, a social network, and a cloud provider; now, look up their name plus the words "data breach". Most likely, what you find isn't flattering, and much of it can be traced back to the dilapidated and hackneyed authentication mechanism – passwords.
Multifactor Authentication
Multifactor authentication (MFA) – also called two-factor authentication, two-step verification, TFA, T-FA, or 2FA – is an authentication approach that requires two or more core factors. The factors are something you know (your password), something you have (a physical authentication token or virtual MFA on a smartphone), and, in the case of biometrics, a third physical factor, such as a fingerprint, retinal pattern, and so on. My focus here will be the affordable hardware MFA options.
Note that I've included links to virtual MFA alternatives for you to explore, should you seek an even lower cost MFA alternative, but my focus herein is on hardware MFA. If you need to use this for yourself or your enterprise, you can choose to deploy a software token instead of the hardware tokens I am highlighting here.
Beyond Passwords
In days of yore, only a few large corporations had MFA options, and they were prohibitively expensive and difficult to deploy. A few major changes have since taken place that have dramatically altered this marketplace.
Competition often spurs innovation and benefits consumers. In this marketplace, consumers can certainly see the positive outgrowth. You can now purchase either virtual MFA or hardware-based MFA options at pennies on the dollar compared with former prices. Today, you have a wide array of affordable options that can fit within almost any budget, from a small business to a large multinational. Whether you want to increase security accessing PayPal, add MFA to Amazon AWS, or bring MFA to your enterprise, you will find solutions herein (see the information boxes).