High profile breaches continue to make headlines weekly. Many of these breaches involve the use of compromised credentials. Only a small percentage of cyber security professionals believe that username and password-based security remains an adequate form of protection. Many organizations are turning to multi-factor authentication (MFA) or two-factor authentication (2FA) to reduce the risk of stolen passwords. By adding a second authentication factor requirement to security policies, attackers are unable to access applications and networks or gain privileged access without the smartphone (e.g. something you have) or the fingerprint (e.g. something you are) required to complete the authentication process.
This paper examines best practices for deploying MFA.