{"id":4094,"date":"2018-12-17T15:42:23","date_gmt":"2018-12-17T19:42:23","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=4094"},"modified":"2018-12-17T15:50:08","modified_gmt":"2018-12-17T19:50:08","slug":"2019-future-of-password-security-mfa","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/","title":{"rendered":"2019 and the Future of Password Security and MFA"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3372\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg\" alt=\"2019 and the Future of Password Security and MFA\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod-300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod-768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod-540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod-162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Almost a year ago, the editors of Solutions Review\u2019s Cybersecurity team asked if <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/passwords-traditional-access-management-dead\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">passwords and traditional access management<\/span><\/a><span style=\"font-weight: 400\"> were dead.<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/solutionsreview.com\/identity-management\/biometric-authentication-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"Biometric Authentication Buyer's Guide\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/01\/biometric-authentication-speedbump-cta.jpg\" alt=\"Download Link to Biometric Authentication Buyer's Guide\" width=\"800\" height=\"225\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">We wrote this article not to be alarmist. Instead, we asked whether passwords should still serve as part of modern enterprises\u2019 identity and access management platforms. Evidence suggests they constitute a major vulnerability and attack vector. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">81% of confirmed data breaches involve weak, default, or stolen passwords according to the Verizon <\/span><i><span style=\"font-weight: 400\">Data Breach Investigation Report. <\/span><\/i><span style=\"font-weight: 400\">Moreover, according to an interview with <\/span><a href=\"https:\/\/www.intelligentcio.com\/eu\/2018\/12\/14\/interview-logmein-expert-on-strengthening-password-security\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Rachael Stockton<\/span><\/a><span style=\"font-weight: 400\">\u2014Director of Identity and Access Technologies at LogMeIn\u201459% of users repeat their stolen passwords. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, these grim findings assume enterprises continue to use single-factor authentication\u2014a protocol becoming rapidly outdated in the wake of modern data breaches. But what, then, is the future of password security in 2019? How does the future of password security line up with the future of two-factor authentication (2FA) and multifactor authentication (MFA)? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here are some of our findings:<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Incorporating The Future of Password Security into MFA<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If there is to be a future of password security, enterprises need to enforce stronger passwords among their users\u2014employees, contractors, and other third parties alike. According to a recent report from <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/splashdata-releases-top-100-worst-passwords-2018\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">SplashData<\/span><\/a><span style=\"font-weight: 400\">, nearly 10% of users selected at least one of the 25 worst passwords for one of their accounts. This cannot continue. \u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Allowing users to utilize passwords in their authentication can prove a welcome way to improve IAM adoption across the network; studies find users do <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/new-insights-stand-biometric-authentication-practices\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">overwhelmingly prefer passwords<\/span><\/a><span style=\"font-weight: 400\"> over biometrics, perceiving the former to be more convenient. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, if your enterprise plans to use passwords in its access management processes, you must mandate the strongest possible passwords. During the onboarding stage, users must be <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/enterprises-need-biometric-authentication-password-revolution\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">assigned<\/span><\/i><\/a><span style=\"font-weight: 400\">, rather than allowed to create, a unique password which cannot resemble any other passwords the user currently owns. While this constitutes a huge undertaking for your IT security teams, it allows for a much more comprehensive security platform. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Enterprises, in short, must lead the future of password security rather than allowing their end-users to take full responsibility for a crucial authentication factor. If you are to implement multifactor authentication, you can&#8217;t risk one of the factors being rendered vulnerable because of employee negligence. \u00a0\u00a0\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Is Two-Factor Authentication Still Enough?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Password security, by its nature, focuses on two-factor authentication, which combines something the user knows\u2014the password\u2014with something the user has such as a hard token or a biometric authentication factor. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Two-factor authentication serves as a stronger alternative to single-factor authentication. Yet the future of password security may not lie with two-factor authentication. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The more authentication factors incorporated into your identity and access management, the more secure your enterprise. Two-factor authentication is indeed stronger than a password-reliant single factor authentication process, but it can\u2019t compare to the capabilities of multifactor authentication. When combined with factors like geofencing, biometrics, and hard tokens simultaneously, strong passwords can prove a surprisingly effective gatekeeper. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Increasing evidence indicates hard tokens and biometrics can be subverted or mimicked by hackers. The future of password security thus may instead place it as part of a much more intricate web of authentication factors. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Moreover, multifactor authentication works to support a granular access model rather than the all in one model of authentication supported by passwords\u2014enter the password and get access or fail to and don\u2019t. Granular access asks for more authentication factors as the sensitivity of the data increases. The future of password security may require switching to this model instead. \u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>The Future of Password Security Training<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Password security is as much about training as it is about technology. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Having the right identity and access management solution is essential to the future of password security in your enterprise. However, technology is only one part of the overall security equation. Another crucial component is employee adoption and understanding of password security best practices. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Only 50% of users change their passwords after a breach affects them, according to Stockton. Often users feel their passwords will not be stolen or that nothing they do can change whether hackers get their credentials. This must change if your enterprise aims to strengthen its authentication and access management. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Through comprehensive and regular training, your employees can embrace the password security best practices you need to secure your future in a dangerous digital market.<\/span><\/p>\n<br \/>Widget not in any sidebars<br \/>\n","protected":false},"excerpt":{"rendered":"<p>Almost a year ago, the editors of Solutions Review\u2019s Cybersecurity team asked if passwords and traditional access management were dead. We wrote this article not to be alarmist. Instead, we asked whether passwords should still serve as part of modern enterprises\u2019 identity and access management platforms. Evidence suggests they constitute a major vulnerability and attack [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":3372,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[914,142,125,16,112,76,118,145,91],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>2019 and the Future of Password Security and MFA<\/title>\n<meta name=\"description\" content=\"What is the future of password security in 2019? How does the future of password security line up with the future of multifactor authentication (MFA)?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/\",\"name\":\"2019 and the Future of Password Security and MFA\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg\",\"datePublished\":\"2018-12-17T19:42:23+00:00\",\"dateModified\":\"2018-12-17T19:50:08+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"What is the future of password security in 2019? How does the future of password security line up with the future of multifactor authentication (MFA)?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"70% of Enterprises Will Use Security-as-a-Service by 2021\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"2019 and the Future of Password Security and MFA\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"2019 and the Future of Password Security and MFA","description":"What is the future of password security in 2019? How does the future of password security line up with the future of multifactor authentication (MFA)?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/","url":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/","name":"2019 and the Future of Password Security and MFA","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg","datePublished":"2018-12-17T19:42:23+00:00","dateModified":"2018-12-17T19:50:08+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"What is the future of password security in 2019? How does the future of password security line up with the future of multifactor authentication (MFA)?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/sunrise-over-the-earth-mod.jpg","width":800,"height":400,"caption":"70% of Enterprises Will Use Security-as-a-Service by 2021"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/2019-future-of-password-security-mfa\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"2019 and the Future of Password Security and MFA"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/4094"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=4094"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/4094\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/3372"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=4094"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=4094"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=4094"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}