Hardware MFA: Death to the password!

Protected

Passwords as a form of authentication are lame, and everyone knows it, but sadly, no one has taken the steps to replace or augment them. Passwords have been around since the days of the bell bottoms, and they are in dire need of a makeover. Leave the bell bottoms to Jimi Hendrix, Led Zeppelin, and Black Sabbath, so the rest of us can move forward to augmenting and replacing passwords.

Painful Password Statistics

Before I begin, I'll explore why a change is needed:

• According to the Verizon 2013 Data Breach Report [1], weak or stolen credentials account for 76% of network intrusions, and more than 50% use some form of hacking.
• A 2013 SplashData study [2] on data from an Adobe breach showed the top five most used passwords are: 123456, password, 12345678, qwerty, abc123.
• A 2014 Trustwave Global Security report [3] said weak passwords contributed to 31% of compromises investigated.

Without picking on any one organization, choose a company, a social network, and a cloud provider; now, look up their name plus the words data breach . Most likely, what you find isn't flattering, and much of it can be traced back to the dilapidated and hackneyed authentication mechanism – passwords.

Multifactor Authentication

Multifactor authentication (MFA) – also called two-factor authentication, two-step verification, TFA, T-FA, or 2FA – is an authentication approach that requires two or more core factors. It requires something you know (your password), something you have (physical authentication token or virtual MFA on a smartphone), and, in the case of biometrics, a third physical factor, such as a fingerprint, retinal pattern,

... comments powered by Disqus