Keeping accounts and credentials secure requires on-going development and the implementation of sophisticated techniques. As phishing campaigns continue to grow in frequency and their methods become more advanced, authentication processes must also continue to improve. The next generation of multi-factor authentication (MFA) is here with phish-resistant MFA.
To understand the importance of phish-resistant MFA, let’s go over an example of a weakness of traditional MFA, how it can be exploited, and then discuss where phish-resistant MFA removes the weakness from the equation.
With traditional MFA there are multiple ways the user can confirm their identity from another device. These include having a code sent to your phone via text messaging, a code being generated in an app on your phone (Authenticator), or a code request appearing on screen requiring you to match the code on your device. While these methods are more secure than traditional passwords, they share a weakness in that human interaction is required. This can be exploited by bad actors through phishing techniques such as social engineering, fake websites, and vishing just to name a few. If they succeed in tricking a user to provide them with these codes, then they have bypassed the MFA and the account is compromised.
This is where phish-resistant MFA comes in. To configure this type of MFA, users setup a hardware token equipped with a biometric authenticator such as a fingerprint reader. Without getting too far into the technical details, this solution creates a cryptographic pair between the account and your hardware token, and the account now trusts this device. When attempting to log in, by verifying your identity by plugging in your hardware key and placing your fingerprint on the reader, the account can confirm the log in attempt is legitimate and grant you access without the need for a password or manually entered code. This method enhances security by removing the use of one-time codes being displayed to users that they may be tricked into sharing.
There has been a push for MFA requirements over the past few years across many industries and phish-resistant MFA is quickly becoming the new standard. Now is the time to consider adding this to your security toolbox. To learn more, contact the CSOLVE team.
2023 has seen record breaking cost of living increases leading to financial strain on many Canadians. As a result, food banks across the country are experiencing overwhelming demand and need our support more than ever.
The holidays are an important time to give and each year CSOLVE donates to local food banks to support our communities. This year, financial donations were made to each of the following organizations:
- Elmvale & District Food Bank
- Georgina Community Food Pantry
- Salvation Army Midland
- Barrie Food Bank
