Here are Plurilock’s 2019 Authentication Guidelines

Authentication has become a fraught topic.

As many as 81 percent of all breaches result from weak or stolen authentication credentials.  So—fix authentication and we’ll fix a huge proportion of today’s cybersecurity and data theft problems.

Sounds plausible enough, but for the fact that the major authorities and standards bodies tend to be mixed on how to fix authentication. There are disagreements about:

  • Whether or not to impose password composition rules
  • Whether or not to expire passwords
  • What minimum password lengths should be
  • Whether or not to require identity data with secret questions
  • Which kids of MFA are acceptable and secure

There are also, however, areas of agreement—including the fact that MFA is increasingly required for secure authentication. According to every credible authentication expert or organization, passwords alone are no longer adequate tools to secure data.

As a global leader in advanced authentication, we have strong opinions on this topic, so we’ve assembled a set of resources to help you to make decisions about authentication for your use case and organization.

Plurilock Authentication Resources

PDF Guide 2019
This is our detailed analysis, industry summary data, and recommendations for your deployment.

Please contact us or see Plurilock’s list of other resources for answers to further questions about Plurilock’s authentication recommendations or Plurilock products. ■

Stay informed. Join our low-volume list for news and updates.


Plurilock is the leader in advanced, risk-based authentication. We provide invisible, device-free MFA for corporate endpoints, Citrix sessions, cloud applications, and their users in finance, healthcare, education, and SaaS.



Contact Plurilock

Have a question or comment? 

© 2018 Plurilock. All Rights Reserved. | Plurilock Cage Code L02Z7; DUNS 248484623