Password-based authentication is no longer sufficient if security is a priority. The Verizon Data Breach Report published in 2018 reported that a staggering 81 percent of hacking-related breaches leveraged either stolen and/or weak passwords. Therefore, a remote access solution secured by a password at any point during the authentication process is vulnerable to identity compromise. Moreover, let’s keep in mind that with a 2FA solution or a Password-based MFA solution, an individual’s password, which is the first authentication factor, can be stolen and is a prime target for phishing attacks, among others.
Passwordless MFA solutions that involve basic biometrics as a factor of authentication do not ensure the security of your data as well as of your employees and customers information. Fingerprint recognition like Touch ID and facial recognition like Face ID do not identify the person who’s using the phone, since multiple fingers/faces can be registered on a single smartphone.
With a remote workforce, the risk of data leak and theft becomes exacerbated by employees who elect to use their personal devices and networks with much lower standards of security than their corporate-controlled alternatives, making it easy for attackers to access company data.