Password fatigue is when an individual feels overwhelmed, when required to remember an excessive number of passwords. This can lead to the use of simpler, insecure passwords as well as sharing the same passwords between multiple online accounts.
Breachalarm.com notes that roughly 625k+ passwords are stolen per day. We also regularly hear of websites and databases being attacked, and leaked to the internet. A recent Google Survey noted that at least 65% of people reuse passwords across multiple, if not all websites. Haveibeenpwned.com is an excellent resource for checking if your email address has been found in a breached database. But how can we prevent this in the first place?
Multi Factor Authentication (MFA) prevents threat actors using credentials, by introducing an extra hurdle to prove one’s identity. MFA methods fall into 4 key camps:
- Something you have
Some physical object in the possession of the user, such as a USB stick with a secret token, a bank card, a key, etc.
- Something you know
Certain knowledge only known to the user, such as a password, PIN, TAN, etc.
- Something you are
Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
- Somewhere you are
Some connection to a specific computing network or using a GPS signal to identify the location.
WatchGuard’s AuthPoint MFA is a powerful, yet surprisingly easy solution. It prevents unauthorised access via a simple cloud setup, in tandem with a mobile application. It requires users to supply information they know (username / password), with information on something they have, as well as other factors associated to the specific individual.
AuthPoint provides a highly secure MFA product using a push message, QR code, or one-time password (OTP). Their mobile device’s DNA also needs to match the authorised user’s phone, before granting access to systems and applications. Therefore, any attacker who clones a user’s device to access a protected system would be blocked, since the device’s DNA differs.
AuthPoint’s secure single sign-on (SSO) makes logins quick and easy. In addition, WatchGuard’s ecosystem includes dozens of 3rd party integrations with AuthPoint. This allows companies to require users to authenticate, before accessing sensitive cloud applications, VPNs and networks. AuthPoint supports the SAML standard, permitting users to log in once to access a full range of applications and services. In addition, the secure login feature provides online and offline authentication to Windows / Mac machines. This adds a simple and effective additional layer of security, especially with the rise in remote workers accessing their remote office.
Want to know more? Reach out to our WatchGuard team today!