How To Reduce Identity Theft with Multi-factor Authentication

How secure is your identity? Can you say with certainty that your passwords cannot be hacked?

Password Policies

It goes without saying that enforcing a good password policy is the first step in securing your identity, whether you opt for passphrases or passwords, some complexity on this is a must. This needs to be followed up by a lockout policy with some reasonable timeframe, too short and users are going to end up using low-entropy terms, too long and they’ll start using the same credentials for every other system. Finally, education is key, basic security principles and high entropy passwords are vital for users and business.

Password Self-Service with Multifactor Authentication

With so many credentials to manage using a password self-service solution is probably a good choice, most solutions like LogonBox password self-service can manage multiple systems all from a single interface, meaning, a user can log in with a single credential but manage passwords for a bunch more systems. Cloud and on-premise applications come with their own set of access management controls, introducing complexity to your team’s management workload, with something like a password self-service portal, users and admins only need to think about security from a single point, rather than having to manage each application/ user directory separately. This is a perfect place to introduce a two-step or multi-factor authentication policy at the portal, where a user needs to manage their password.

What is Multifactor?

Multifactor authentication combines two or more independent credentials: what the user knows and what the user has. The goal of multi-factor authentication is to create a layered defence and make it more difficult for an unauthorized person to gain access to your account if one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target. This can help lower the likelihood of identity theft, as well as phishing scams because criminals cannot compromise log-ins with usernames and passwords alone.

Benefits of Multifactor Authentication

Strengthens Security

The principle of MFA is that each factor compensates for the weakness of the other factors, for example, passwords and pins can be susceptible to brute-force or social engineering attacks. To help, you can supplement this single factor by adding an authentication factor that is not so easily guessed, like something you have, by authenticating users through their mobile device. This decreasing the chances of identity theft as now any would-be hacker needs not only to guess or brute-force your password, but needs your mobile phone as well — increase the number of factors, the more the hacker needs to have.

Supporting Compliance

Aside from encryption of data, a lot of compliance standards now specify that organizations need to implement multifactor authentication for certain situations either when logging in or resetting/ managing passwords. This is especially true when it comes to protecting sensitive data like personally identifiable or financial information. Multi-factor authentication is a step to take towards compliance.

Simplifying Login Process

Some might think having multiple authentication factors would make logging into accounts more complicated, but it can be the complete opposite, the added security gained by multifactor authentication actually allows companies to use more advanced login options like single sign-on.
For example, with LogonBox users are validated at login using multi-factor authentication (something you know combined with something you have), once the user is verified and authenticated, they are logged into their portal. Aside from resetting passwords to a collection of different systems like Active Directory, Office 365, Google etc., users can access assigned webapps without the need to log in for each app separately, using SAML and JWT technologies no passwords are ever shared between LogonBox and the target applications.

Multifactor Authentication is Essential

Strong authentication is no longer a nice to have, with data breaches on the rise, even SMBs are not immune. Businesses really need to consider ways of reducing the risk for themselves and for their clients. Companies are recognizing the threat of data breaches, the number of businesses affected is ever increasing and the breadth of targets has only broadened, no longer is it just a worry for enterprises. IT security is a top priority for many organizations especially with the rise of the cloud. Multifactor authentication is one of the better security measures you can implement to protect your company, users, and sensitive data.

Makers of @LogonBoxSSPR — free sspr, @LogonBoxVPN — free wg-vpn and @LogonBoxDirectory — free cloud ldap. www.logonbox.com.