Examining Okta’s “5 Identity Attacks that Exploit Your Broken Authentication” Whitepaper


Identity and access management solution provider Okta recently released a brand new whitepaper: “5 Identity Attacks that Exploit Your Broken Authentication.” Their upfront premise is that traditional single-factor, password-based authentication is a broken authentication scheme. With identity becoming the new perimeter for enterprises, broken authentication is just as dangerous as having a broken firewall.

What does Okta consider the most devastating broken authentication exploits?

  • Broad-based Phishing Campaigns
  • Spearphishing Campaigns
  • Credential Stuffing
  • Password Spraying
  • Man-in-the-Middle Attacks

Of these broken authentication exploits, phishing and other social engineering attacks are perhaps the best known, as their success rate has made them increasingly prevalent. However, credential stuffing and password spraying are equally viable hacking techniques that take advantage of the weakness of passwords. The former relies on the likelihood that a user has duplicated the same password across different accounts, while the latter tries weak but common passwords like “password1” to gain access.

Okta recommends that enterprises stop relying on broken authentication schemes like single-factor logins. Instead, the solution is to deploy multifactor authentication (MFA). Phishing attacks generally can’t obtain the secondary or tertiary factors necessary to break into an MFA-protected network. Password spraying and credential stuffing also fail since neither stolen credentials nor weak credentials are enough to gain access to MFA systems.
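Credential stuffing and password spraying both typically try one or two passwords against many accounts rather than many passwords against one, so a defender can look for that shape in authentication logs and see which accounts fell to a password alone. The following Python code is an added example, not taken from Okta's whitepaper or from this article; the event format, thresholds and function name are assumptions, and the log events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample events, not real logs: (time, source IP, username, result)
EVENTS = [
    ("2018-06-01T09:00:05", "203.0.113.7", "alice", "FAIL"),
    ("2018-06-01T09:00:41", "203.0.113.7", "bob", "FAIL"),
    ("2018-06-01T09:01:12", "203.0.113.7", "carol", "FAIL"),
    ("2018-06-01T09:01:50", "203.0.113.7", "dave", "SUCCESS"),
    ("2018-06-01T09:02:33", "203.0.113.7", "erin", "FAIL"),
    ("2018-06-01T09:03:02", "203.0.113.7", "frank", "FAIL"),
    ("2018-06-01T09:03:40", "203.0.113.7", "grace", "FAIL"),
    # One user mistyping a password repeatedly: many tries, one account.
    ("2018-06-01T09:10:00", "198.51.100.20", "heidi", "FAIL"),
    ("2018-06-01T09:10:09", "198.51.100.20", "heidi", "FAIL"),
    ("2018-06-01T09:10:21", "198.51.100.20", "heidi", "FAIL"),
    ("2018-06-01T09:10:40", "198.51.100.20", "heidi", "SUCCESS"),
]


def find_multi_account_guessing(events, window=timedelta(minutes=30),
                                min_accounts=5, max_tries=2):
    """Flag sources that fail against many accounts with few tries each."""
    by_source = defaultdict(list)
    for ts, ip, user, result in events:
        by_source[ip].append((datetime.fromisoformat(ts), user, result))

    findings = {}
    for ip, rows in by_source.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Shrink the window so it never spans more than `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            current = rows[start:end + 1]
            fails = Counter(u for _, u, r in current if r == "FAIL")
            if len(fails) >= min_accounts and max(fails.values()) <= max_tries:
                # Any success from this source means a password alone was enough.
                hits = sorted({u for _, u, r in rows if r == "SUCCESS"})
                findings[ip] = {"targeted": sorted(fails), "password_only_logins": hits}
    return findings


if __name__ == "__main__":
    for ip, detail in find_multi_account_guessing(EVENTS).items():
        print(ip, detail)
```

Accounts listed under `password_only_logins` are the ones to reset and move to MFA first. A shared office or VPN egress address can produce the same pattern from ordinary users, so tune the thresholds against normal traffic.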

To diverge from Okta’s whitepaper for a moment, multifactor authentication does not need to be a uniform deployment. It can be varied based on the privileges of the employee in question or on the sensitivity of the data contained in a database. Even though MFA can be a hassle to deploy and work with, you wouldn’t compromise your physical security—why should you compromise your digital security?

You can read the full Okta “5 Identity Attacks that Exploit Your Broken Authentication” whitepaper here

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.