Passwords Aren’t Enough Anymore
The business of cyberattacks is maturing. As the hacking industry grows in sophistication, attacks are largely being automated. It’s no longer enough to keep a password between you and possible attacks.
According to Microsoft, old advice like “never use a password that has ever been seen in a breach” or “use really long passwords” isn’t good enough anymore to prevent threat actors from getting into your network.
With a plethora of different methods available, neither a password nor it’s complexity can do much to prevent a breach from happening. As the cybersecurity landscape evolves, so should the methods used to fight against it.
Multi-factor Authentication Is the New Baseline
Instead of relying on passwords only, Microsoft recommends using multi-factor authentication to protect your assets.
“Based on our studies,” says Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft “your account is more than 99.9% less likely to be compromised if you use MFA.”
Multi-factor authentication is a process that uses an additional device to authenticate your users. If the person trying to log into your applications can’t authenticate their session, they cannot access applications even if they’ve stolen your password.
However, the drawback of using an SMS one-time password or biometric device to authenticate users is that it’s an additional step. When asked to authenticate the hundreds of applications used in business every day, team members can get frustrated and fatigued.
In an effort to address this problem, Onepath combines the security of multi-factor authentication with the convenience of single sign-on in a new offering called SecureID. With SecureID, users only need to authenticate their session once instead of every time they log into an application. Once signed into the portal, they have instant access to all of their various applications without needing to remember a password. Plus, they know it’s secure.