Microsoft says that MFA-enabled accounts are 99.9% less likely to be compromised, however, less th an 10% of enterprise users use MFA. The latest NIST password guidelines, published under NIST 800-63, recommend against both password complexity and password expiry. Users will inevitably find the easiest, most convenient way to meet the complexity policy. Password complexity policies make passwords more predictable and often lead to poor security practices like the old ‘password on a post – it’ scenario. Traditionally, we overcame weak passwords by implementing password complexity and expiry policies with the addition of multi-factor authentication (MFA), but these practices were not always user-friendly and were burdensome to manage.
Large-scale data breaches are being reported more and more frequently in the media with more than 80% of hacking-related breach es involving compromised or weak credentials. Passwords have long been a daily part of our lives, but in today’s modern, cloud-first world the use of passwords alone leaves us increasingly more vulnerable to compromise.
0 kommentar(er)
