Insecure password practices are exploited in 81% of cyber attacks worldwide, and 61% of all attacks target businesses with less than 1,000 employees. While employee education and training can help, what’s most needed to reverse this trend is for authentication to require additional proof of identity beyond simple username and password, and to be widely deployed by all companies – no matter their size. Only then will cyber criminals no longer be able to use stolen credentials to access and infect systems or steal data.
Most employees are not intentionally trying to compromise company security; however, you should ask yourself what password practices they now use to cope with the proliferation of online accounts requiring them. According to an often-quoted study by Microsoft Research, “The average user has 6.5 passwords, each of which is shared across 3.9 different sites. Each user has about 25 accounts that require passwords, and types an average of 8 passwords per day.”
A 2015 Dashlane survey revealed that each person had over 90 online accounts, and had to reset their password using a “forgot password” link for 37 of those accounts in the prior year. Companies that require frequent resetting of passwords make it even harder for users to craft strong passwords and then later recall them. In this environment, it’s understandable that users have simplified their passwords, creating ones that can be serialized and limiting them to a few that are used across multiple accounts.
http://fortune.com/2017/12/19/the-25-most-used-hackable-passwords-2017-star-wars-freedom/
For businesses, employees’ use of simpler and weaker passwords puts networked resources at greater risk of breach. Even worse, when an employee’s credentials are stolen from other sites and happen to contain the same password that gives them entry to your privileged networks, the hackers can walk right in the front door masquerading as the user…and you are none the wiser.
We’ve reached the limit of the protection that solely password-based access to systems can provide. What’s needed are additional measures to ensure the identity of the user…which is what multi-factor authentication (MFA) provides.
Given that usernames and passwords are often the only hurdle to accessing systems that yield financial rewards, hackers have taken a keen interest in lifting them when they can. Some common ways to compromise this information include:
Once they have valid credentials, they will use them to access systems and steal data, consume resources with botnets, install ransomware, and even steal more credentials that might unlock other networks and personal data.
Multi-Factor Authentication Solution
Keep Criminals Outside Your Network with AuthPoint
Our unique multi-factor authentication (MFA) solution not only helps to reduce the likelihood of network disruptions and data breaches arising from lost or stolen credentials, but we deliver this important capability entirely from the Cloud for easy set-up and management. AuthPoint goes beyond traditional 2-factor authentication (2FA) by considering innovative ways to positively identify users, and our large ecosystem of 3rd party integrations means that you can use MFA to protect access to the network, VPNs, and Cloud applications. Even non-technical users find the AuthPoint mobile app easy and convenient to use!
Ensure Every Point of Access Is Protected
WatchGuard’s technology ecosystem includes an extensive lineup of documented 3rd party integrations with AuthPoint, including the most popular cloud applications, web services, VPNs and networks. Ensure every point of access is protected with AuthPoint by leveraging its powerful technology ecosystem.
Every day, cyber criminals use stolen credentials to access and infect systems or steal data. What’s most needed to reverse this trend is for authentication to require additional proof of identity beyond simple username and password, and to be widely deployed by all companies – no matter their size.
WatchGuard AuthPoint™ is the right solution at the right time to address this security gap with multi-factor authentication on an easy-to-use Cloud platform. With a simple push notification, the AuthPoint mobile app makes each login attempt visible, allowing the user to accept or block access right from their smartphone. WatchGuard’s unique approach adds the “mobile phone DNA” as an identifying factor to further ensure that only the correct individual is granted access to sensitive networks and Cloud applications.
MFA has been out of reach for some organizations due to complex integrations and burdensome on-premises management, which make it impossible to implement without a large IT staff and considerable up-front expense. By contrast, WatchGuard’s AuthPoint solution is a Cloud service, so there’s no expensive hardware to deploy, and it can be managed from anywhere using WatchGuard Cloud’s intuitive interface. Additionally, our ecosystem offers dozens of integrations with 3rd party applications – ensuring that MFA protection is broadly applied for access to sensitive Cloud applications, web services, VPNs and networks. AuthPoint users can sign in once to access multiple applications, and they appreciate being able to add 3rd party authenticators, such as for Facebook or Google Authenticator, to the friendly mobile app.
Insecure password practices are exploited in 81% of cyber attacks worldwide, and 61% of all attacks target businesses with less than 1,000 employees.
-Verizon’s 2017 Data Breach Investigations Report