By Greg Keller Posted April 23, 2017
The password is dead. Long live the password.
People have been trying to kill the password for decades, but it hasn’t happened. If anything, developers and companies have built on top of the password, in an attempt to create more security, but these added layers still leverage the password.
Passwords aren’t inherently bad, but there is risk due to the fact that they can be more easily compromised than other mechanisms. It is possible to strengthen the password though, by combining it with other security measures. One of these methods is multi-factor authentication (MFA). Also called two-factor authentication (2FA), combining additional components to the conventional password creates a very strong, close to unhackable combination.
MFA was not always available though. Let’s take a look below at the many “deaths” and “rebirths” of the password – and how to secure your credentials in this new “era of MFA.”
Problems with Passwords
Passwords have been around since at least the time of the Roman empire and the first computer password was put in use by Fernando Corbató at MIT in the 1960’s.
In the IT world, passwords have proven a remarkably easy approach to control who can access certain IT resources. With the assumption that people would not share their password, or that a shared password was not made freely available, the concept of user management with a password made sense. An IT organization could limit access to those with an account and password that matched the one on the IT resource file.
Over time, hackers and nefarious individuals learned that if they had somebody’s password, they could log in and impersonate that person. This would grant them access to the associated IT resources. As more highly critical data moved online such as banking information, personal information, credit cards, and confidential data, the hackers started to target credentials as a easy way into these sensitive IT resources. As we have seen with thousands of major breaches, the hackers have been having success. In 2016 alone, 63% of all confirmed data breaches involved stolen credentials (idagent.com).
Multi-Factor Authentication (MFA) Solutions
The password is something that an individual knows. MFA adds another factor to the login process, and vastly enhances security in the process. Now a hacker not only needs something you know (i.e. a password), but they also need something that you have (e.g. a token).
This approach has changed the IT security landscape dramatically. MFA / 2FA makes it exponentially more difficult for an account to be hacked. In fact, in the era of the Internet where much of the hacking is done remotely, it can make an account virtually unhackable. Multi-factor authentication is a game changer.
As IT organizations consider using MFA along with passwords, they can rest easy knowing that they are taking significant steps to increase their security. When tied to a user’s system and their critical accounts such as email, the chances of an identity compromise decreases dramatically. Today’s cloud identity management platforms are taking steps to implement both system and application-level MFA. Directory-as-a-Service® is leading the way by integrating the concept of multi-factor authentication into the directory service and part of the login process for systems and single sign-on.
Learn More About Multi-Factor Authentication
If you would like to learn more about how passwords and multi-factor authentication are evolving in the market, drop us a note. Or, give our MFA a try for yourself. You can sign-up for a free cloud directory service account, where your first 10 users are free forever.