Multi-factor authentication (MFA), often referred to as two-factor authentication (2FA), is one of the most critical steps that an organization can take to protect their identities, and hosted MFA solutions are simplifying IT’s ability to implement MFA in their environments.
In order to understand why MFA has such a significant impact on security, let’s take a look at why single factor authentication is no longer a sufficient security measure.
Single-Factor Authentication is No Longer Secure on its Own
Single-factor authentication has typically taken the form of a username and password, and this method of authentication used to be pretty solid. In the past, users were able to login to their system and gain access to their productivity tools, network, files, and data. The key here is that users were able to get by with accessing their resources with one set of credentials. That matters because it made it simple and convenient for users to comply with company password complexity requirements because they only needed to remember one password, instead of ten for a whole host of resources.
Today, authenticating to resources with just a username and password is no longer sufficient. Sites are frequently being hacked and having their passwords leaked. Also, computing power has increased dramatically, so passwords and hashes can be cracked if they aren’t strong enough. Even if a hacker doesn’t have a powerful computer, the advent of social media has made it too easy to find the right kind of information needed to crack a password.
On top of that, Web-based applications have flooded organizations with new resources that IT has struggled to properly integrate into their environment. This has led to users creating multiple identities for their vast number of resources. Best security practices dictate each identity should have it’s own separate password, but users have gained a reputation for taking more convenient and less secure routes when it comes to their passwords. If you want to be assured of the security of your resources, single-factor authentication is simply not enough.
MFA – It’s All about What You Have
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/hosted-mfa-multi-factor-authentication/