Identity & Access Management
Education Level: Intermediate
5314 - Strongest First Factor: Password-less Secure Logins in Your MFA
Tuesday, September 26
3:00 PM - 4:00 PM
Passwords are the ubiquitous first line of defense, but they are inherently static and vulnerable to several attacks, such as phishing and keylogging. Second factors (tokens, out-of-band SMS text messages) and third factors (biometrics) add resilience at the expense of convenience, but they still rely on the password as the first-line factor.
This presentation gives an overview of a novel, hybrid, zero-knowledge, password-proof solution that is at least two orders of magnitude more resilient to all the attack vectors that traditional passwords are vulnerable to, yet it retains the “password experience.” Key benefits include (a) avoiding complex password policies in terms of variance/strength; (b) less need to change passwords on a regular basis; and (c) effortless compliance with several regulatory standards. In combination with single-sign-on protocols and, as desired, additional factors, the solution can provide stronger online authentication than any scheme with passwords.
Learning Objectives:
- Learn password alternatives for a stronger and realistic first factor in an MFA.
- Learn how simple techniques can avoid complex password policies and their traditional change routines as a best practice.
- Discover how to combine this method with SSO to make it seamless across enterprise and federated logins.