Dear readers of Hacker's Station, today we will return to the topic of authentication, in detail and to see the importance of multi-factor authentication.
The overcoming of username and password is a necessity, how is it possible to implement effective protection of credentials with multiple factors?
In most cases, violations of computer systems are caused by the theft of passwords or the use of weak credentials.
There is a famous site Have I been pwned created by the Australian cyber security expert Troy Hunt at the end of 2013 which currently contains about 9.5 billion hacked accounts (data collected from all the data breaches of which we know).
If a username that we use for our accounts is present, we must be aware that along with that username also some of our passwords will have been stolen.
The authentication based only on the password is therefore weak, even if the set password is very complex, because the security of the account depends on only one factor, (the password).
To raise the security levels, "strong authentication" or multi-factor authentication techniques have been introduced.
The importance of authencity
Also called 2FA or MFA (Multi-Factor Authentication), it represents additional security and is today the safest protection system we have available to protect our accounts.
A well-known problem, in the opinion of many experts the best solution is to abandon the authentication systems based on username and password to switch to multi-factor ones.
Unfortunately, this small but great revolution is still struggling to take hold, for the moment its implementation is still based on two classic elements:
- Who provides the services or manages the infrastructures;
- User accession on the other;
Furthermore, the fact that there are no standard tools for multi-factor authentication obviously usually limits the choice of the classic verification system by sending a code via SMS or email.
To overcome these obstacles, the best solution would be to abandon current software technologies and move to systems managed directly at the hardware level.
Intel embraced this philosophy and introduced a series of multi-factor authentication solutions to its Intel vPro platform that offers a number of benefits.
AUTHENTICATE SOLUTION
Authenticate Solution provides us with several authentication tools:
- Facial recognition;
- Fingerprint reading;
- Interaction with mobile devices (via Bluetooth connection) and "logical" verification of the position;
The most important part of the Authenticate Solution platform is precisely the availability of biometric authentication systems integrated directly into the computer (crazy if you think about it).
These are techniques that combine a high level of security and at the same time ease of use for daily use in the business environment.
In the event of an intruder, even if he were to find a method to circumvent the controls, he should however ensure physical access to the PC / terminal.
There will be procedures so rapid that they will also represent an ideal solution for companies, where more complex systems such as the use of tokens, would become frustrating to use and old.
As always, make good use of it by testing your device / computer, doing them on devices / computers not yours is illegal.
To the next article.
N.B .: I do not take any responsibility for the use you will make of the guide, as it is drawn up for educational and training use.
Comments
Post a Comment
If you guys have any issue just let me know