Achilles Heel of Two-Factor Authentication

About This Presentation
Title:

Achilles Heel of Two-Factor Authentication

Description:

To use Google’s own words, account recovery is most definitely “the achilles heel” of multi-factor authentication. Organizations may want to consider solving this first, before you undertake a two-factor authentication solution. – PowerPoint PPT presentation


Transcript and Presenter's Notes


1
Achilles Heel of Two-Factor Authentication
  • Ironically, to reset one credential, you need
    another. And your organization is only as secure
    as your weakest account recovery credential.
  • Today, websites use a wide array of techniques to
    enable account recovery. Many rely on control of
    an email address or on a cognitive secret (such as
    a security question). Manufacturers can associate
    a serial number with a given customer, and require
    control of a device. One solution proposed is to
    enable account recovery based on friend vouches.
  • To use Google's own words, account recovery is
    most definitely "the Achilles heel" of
    multi-factor authentication. Organizations may
    want to consider solving this first, before they
    undertake a two-factor authentication solution.
    Account recovery is vulnerable to "hacking humans"
    (social engineering), which is the topic of an
    interesting talk this year at SXSW Interactive.
  • What is the best way to secure account recovery?
  • In many organizations, hardware is going to be a
    long-term fact of life. It represents an ancient
    trust model: a physical key. Supporting hard
    tokens at scale is a challenge; it is logistically
    much more difficult than scaling a mobile
    authentication solution.
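The two points above, that resetting one credential requires proving another and that the organization is only as strong as its weakest recovery credential, can be checked mechanically by auditing the recovery graph. The following is an example added to this page; it is not code from the presentation or from the Gluu article it links. The ordinal assurance scale, the credential names and the sample organization are constructed assumptions for illustration. Each credential carries an intrinsic level and a list of recovery options (any one option suffices, every factor in an option is required), and the effective level is the fixed point of "min over options of the strongest factor in that option", which also handles cycles such as email and phone recovering each other.

```python
"""Audit of account-recovery dependencies.

Added example, not from the presentation. Each credential has an intrinsic
assurance level and zero or more recovery options: "reset A by proving
control of every credential in the option". An attacker takes the cheapest
option and, inside it, must defeat the strongest factor, so
    effective(A) = min(intrinsic(A), min over options of max over factors)
computed as a fixed point so that cycles (email <-> phone) are handled.
The ordinal scale below is an assumption for illustration, not a standard.
"""
from dataclasses import dataclass, field

COGNITIVE_SECRET = 1  # security questions: guessable or researchable
CARRIER_SUPPORT = 2   # phone-company account: SIM-swap exposure
EMAIL_OR_SMS = 3      # control of a mailbox or phone number
MOBILE_PUSH = 4       # push approval on an enrolled device
HARDWARE_TOKEN = 5    # physical key (FIDO, smart card)


@dataclass
class Credential:
    name: str
    intrinsic: int
    # OR of ANDs: any one option suffices, every factor in it is required.
    recovery: list = field(default_factory=list)


def effective_assurance(creds):
    """Map credential name -> effective level after following reset chains."""
    eff = {n: c.intrinsic for n, c in creds.items()}
    changed = True
    while changed:  # levels only decrease and are bounded below, so this terminates
        changed = False
        for n, c in creds.items():
            for option in c.recovery:
                cost = max(eff[d] for d in option)
                if cost < eff[n]:
                    eff[n] = cost
                    changed = True
    return eff


def weakest_chain(creds, name, eff=None, seen=()):
    """One chain of resets that realizes the effective level of `name`."""
    if eff is None:
        eff = effective_assurance(creds)
    if name in seen or eff[name] == creds[name].intrinsic:
        return [name]
    for option in creds[name].recovery:
        if max(eff[d] for d in option) == eff[name]:
            # the strongest factor in the cheapest option is what the attacker must beat
            bottleneck = max(option, key=lambda d: eff[d])
            return [name] + weakest_chain(creds, bottleneck, eff, seen + (name,))
    return [name]


def build_org(hardened):
    """Constructed sample organization (assumption, not real data)."""
    creds = {
        "security_question": Credential("security_question", COGNITIVE_SECRET),
        "carrier_account": Credential("carrier_account", CARRIER_SUPPORT),
        "sms": Credential("sms", EMAIL_OR_SMS, [("carrier_account",)]),
        "manager_push": Credential("manager_push", MOBILE_PUSH),
        "backup_token": Credential("backup_token", HARDWARE_TOKEN),
    }
    if hardened:
        creds["email"] = Credential("email", EMAIL_OR_SMS, [("sms",)])
        # Reset the SSO key only with a second hardware token, or with
        # mailbox control AND a push approval from the user's manager.
        creds["sso"] = Credential("sso", HARDWARE_TOKEN,
                                  [("backup_token",), ("email", "manager_push")])
    else:
        # As deployed: the hardware-protected SSO account can be reset from
        # the mailbox, and the mailbox from a security question.
        creds["email"] = Credential("email", EMAIL_OR_SMS,
                                    [("sms",), ("security_question",)])
        creds["sso"] = Credential("sso", HARDWARE_TOKEN, [("email",)])
    return creds


if __name__ == "__main__":
    for hardened in (False, True):
        org = build_org(hardened)
        eff = effective_assurance(org)
        print("hardened" if hardened else "as deployed",
              "sso level:", eff["sso"],
              "via", " -> ".join(weakest_chain(org, "sso", eff)))
```

In the constructed "as deployed" organization the SSO account sits behind a hardware token but is effectively at the level of a security question, because the mailbox that resets it can itself be reset by one. The hardened variant requires two factors for the SSO reset, so the floor rises to the stronger of the two (the manager's push approval), and the only remaining weak point is the SIM-swap exposure of the SMS path, which the audit output names.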

2
However, prices for hardware are going down, a
promising standard is on the rise (FIDO), and
combined with NFC, hardware tokens can be used to
authenticate to both a mobile device and a laptop.
A lot of work needs to be done to make hardware
tokens easier for organizations to use. For
example, enrollment is a logistical nightmare for
many hardware solutions.

Many new account recovery solutions will utilize
the telephone, SMS, and mobile push networks. These
technologies have the most potential to improve
existing account recovery systems, while providing
a fairly cost-effective solution to support at
scale.

Biometric account recovery remains a niche, but
with the mainstream use of the fingerprint sensor
in the iPhone, and other clever uses of voice
authentication, biometric account recovery is also
clearly on the rise.

Article resource -
http://thegluuserver.wordpress.com/2014/05/16/how-to-benchmark-ox-for-a-large-scale-deployment/