Last Wednesday I published my MFA Primer series and part two looks at this type of cyber attack against multi-factor authentication. In brief when the threat actors have a valid set of credentials they repeatedly try and access the service with them, generating multiple MFA requests to your authenticator app. …
MFA – A Primer
For the Wednesday Bit this week I am going to point you at a series I recently wrote about multi-factor authentication (MFA) – whilst I go out and do some Christmas Shopping! MFA is an important part of any cyber security plan and you should at least understand the basics …
Back-to-Basics MFA
I have published another part in my Back-to-Basics MFA Mini-series over on CyberAwake. What’s Wrong with MFA – CyberAwake
Microsoft raises the security bar
Microsoft is going to automatically deploy a policy for many of it’s customers that will make it mandatory for administrator users to use MFA. Microsoft will roll out MFA-enforcing policies for admin portal access (bleepingcomputer.com) Of course the admins could turn this policy off – but why would they? Watch …
Move away from text- or voice-based multi-factor authentication
Let’s take a look at what good multi-factor authentication is. I am writing a mini-series for CyberAwake about the mistakes users make when choosing a secure password and how hackers can exploit those mistakes, so a quick look at MFA seems like a good idea. What is multi-factor authentication? A …
Continue reading “Move away from text- or voice-based multi-factor authentication”