Why does my organisation need MFA?
The problem is that people, including your staff, often reuse passwords or passwords that are easy to guess, usually because it’s easier to manage multiple accounts with a single password.
Today, automated computer programs are able to crack your password in 10 seconds (not helped by the fact that 86% of passwords are ‘terrible’). That can be the tip of the iceberg, because once an automated attack ‘guesses’ a password, there’s a good chance attackers will use that password to log into all of your other accounts, a practice known as “credential stuffing”.
This isn’t the only way attackers can gain access to your passwords, other methods they use to gain include:
-
running phishing campaigns focusing on harvesting credentials via a fake login page.
-
getting credential dumps from websites like Pastebin, or the dark web.
-
using tools inside your network to obtain credentials like Mimikatz.
How then can we protect ourselves?
A good start is to use different passwords for each account, and a password safe to manage them effectively. The next step is to make systems require more than just a password to login using multi factor authentication (MFA) instead of single factor authentication (i.e. just a password) makes it much harder to attackers to access your accounts, even if they have your password.
We can help you set up and manage your passwords effectively, as well as add multi-factor authentication secure your accounts.
Related articles
Multi-Factor Authentication – Easier with Techtonics
Techtonics can help you plan for, implement and train your staff to use MFA effectively
call us to get started today! 0800 88 2628