Authentication has become a fraught topic.
As many as 81 percent of all breaches result from weak or stolen authentication credentials. So—fix authentication and we’ll fix a huge proportion of today’s cybersecurity and data theft problems.
Sounds plausible enough, but for the fact that the major authorities and standards bodies tend to be mixed on how to fix authentication. There are disagreements about:
- Whether or not to impose password composition rules
- Whether or not to expire passwords
- What minimum password lengths should be
- Whether or not to require identity data with secret questions
- Which kids of MFA are acceptable and secure
There are also, however, areas of agreement—including the fact that MFA is increasingly required for secure authentication. According to every credible authentication expert or organization, passwords alone are no longer adequate tools to secure data.
As a global leader in advanced authentication, we have strong opinions on this topic, so we’ve assembled a set of resources to help you to make decisions about authentication for your use case and organization.
Please contact us or see Plurilock’s list of other resources for answers to further questions about Plurilock’s authentication recommendations or Plurilock products. ■