Intelligent CIO Europe Issue 42 | Page 44

FEATURE: PASSWORDLESS FUTURE
connected to a VPN,” he said. “It is very hard to change and update passwords without being connected to network infrastructure, so many employees will have now had the same passwords for over a year. Even those that are connected to a VPN may be using easy to guess passwords as most VPNs don’t understand special characters.”
Belgrove claimed this small difference in circumstances poses a threat because criminals find weaker, repeated passwords easier to breach.
“When credentials are breached and an individual is using the same password for every service, including work accounts, criminals can access corporate infrastructure quickly,” he said. “Once they have this access, it’s then fairly easy for them to use those credentials to escalate permissions until they have administration privileges, which grant them access to the gold they’re looking for – sensitive assets and information.”
Belgrove iterated that other verification methods are needed on top of MFA.

UNTIL A BETTER METHOD IS DEVELOPED TO REPLACE PASSWORDS, THE MOST EFFECTIVE PREVENTATIVE MEASURES ORGANISATIONS CAN PUT IN PLACE ARE ONES THAT SLOW ATTACKERS DOWN.

“Its success does rely on organisations securing and verifying biometric credentials to ensure they cannot be seized, modified or duplicated by attackers, as it’s impossible for any of us to change our own retinal scan or fingerprint,” he said. “There have been instances where retinal and fingerprint scanners have been fooled into giving access, which is why MFA – and the additional layer of security it provides – is generally far more preferable than Two-Factor Authentication (2FA).”
Managing machine security is important too
While MFA is crucial to bolster security defences, Checkmarx’s SCA and Open Source Evangelist, Robert Haynes, believes organisations should look beyond human password use.