Why IT Matters
Four out of every five recent breaches resulted from compromised credentials. (Centrify)
Better multi-factor authentication could have prevented 80 percent of breaches. (Symantec)
Over the course of 2018, two-thirds of all small- and medium-sized businesses experienced cyberattacks. (Ponemon)
GLOBAL CYBERCRIME DAMAGES
By 2021, global damages from cybercrime will will reach $6 trillion—twelve times the value of the global trade in illegal drugs. (Cybersecurity Ventures)
trying to fix it
Multi-factor authentication (MFA) is the best defense against ongoing threats.
With MFA you can log in only after providing something that you have or are in addition to something that you know.
Something You Know
✓ Shared secerets
Something You Have
✓ Hardware token
✓ Mobile phone
✓ Common access card
Something You Are
✓ Facial structure
✓ Behavior and habits
Passwords? Not so much.
Standards bodies agree on the need for MFA and strong passwords.
They disagree on how to maximize password strength.
why authentication is complicated
The Easy-Hard Problem
Passwords that are hard to crack are also hard to remember and enter.
Passwords that are easy to remember and enter are also easy to crack.
The IN-BAND Problem
SMS and apps, the two leading MFA tools, may deliver credentials to the same device being authenticated.
The COPY-NO-CHANGE Problem
Fingerprints and face scans have proven to be easier to duplicate than initially imagined, yet can't be changed once compromised.
Each conventional factor
has strengths and weaknesses
of common MFA factors
of common MFA factors
The industry's Next Step:
a composite that combines them
leverages conventional MFA concepts in new ways.
This composite authentication strategy adaptively evaluates any available identity factors all at once.
This is what we do at Plurilock.
2019 Authentication recommendations From Plurilock
Use 2+ Identity
Something a user Knows
A password or passphrase.
Something a user has
A mobile phone or hardware token.
Something a user Is
User behavior or traditional biometric data.
Make Passwords Better
Each additional character exponentially increases security.
Avoid a breach domino effect by using a new password for each account.
A list of random words is easier to recall than random characters or numbers.
Choose High-Quality, Out-of-Band Factors
Password entry on laptop +
Authenticator app on mobile phone
Password entry on mobile phone +
fingerprint scan on mobile phone
Password entry on
mobile phone +
SMS code delivered to
These guidelines represent the minimum baseline for secure authentication.
What does strong authentication look like?
Read our 2019 Authentication Guide
Stay informed. Join our low-volume mailing list for Plurilock and cybersecurity news and updates.
PLURILOCK IS THE LEADER IN ADVANCED AUTHENTICATION
© 2020 Plurilock. All rights reserved.
Plurilock Lead Capture Block
Welcome to Plurilock!
We’d love to hear about your interest in our products.
We'd like to provide you with more info. How can we reach you?
|*||Enter your email above to agree to receive commercial electronic communication from Plurilock via email.|