Security News > 2022 > February > Traditional MFA is creating a false sense of security

Traditional MFA methods falling short for most organizations.

Multi-factor authentication spending and overall adoption is on the rise, following regulatory pressures from global initiatives, specifically the zero trust IT security model - but reluctance remains prominent.

49% cite poor user experience as a major obstacle for traditional MFA adoption, closely followed by 48% stating lack of system interoperability and integration, and cost rounding out the top three with 42%. In terms of password-MFA, many deemed the method as more of a burden, creating a greater impact on overall productivity.

"Peace of mind in your IT security comes from knowing that you're doing everything you can to ensure your network is protected. Security measures like ensuring you have MFA at every entry point, a password policy that enforces strong end-user compliance, and regular monitoring of your system are all vital steps to trusting your network is secure. Once you're actually hacked, it's vital to take what you know about your vulnerabilities and implement new safety measures to make sure it doesn't happen again," Darren Siegel, cyber security expert at Specops Software, told Help Net Security.

"Some easy one-off implementations include checking for breached passwords, encouraging the use of longer passwords, and getting started with a zero-trust model of network privileges. I'd recommend starting off with an audit for breached passwords using Specops Password Auditor to get a feel for how your password security stacks up and where you can begin to implement improvements," Siegel concluded.

The manufacturing sector was the second-largest adopter at 13%. 82% of the respondents believe strengthening their authentication security program is the major driver for passwordless MFA adoption.

News URL

https://www.helpnetsecurity.com/2022/02/16/insufficient-mfa-methods/