"We are currently stuck in this quagmire of resetting our passwords, hoping that we can buy our way to overtime, and some magic will take place before our next breach is discovered. Well, that is not going to happen unless you own your own tomorrow, eh?"
"The good news is that cybersecurity is becoming a principal business initiative," says Shahidzadeh. "There are a number of enterprises where the CFOs are actively sponsoring their CISOs and CIOs in the hunt to kill passwords, all in the light of that inevitable breach that can result in a brand receiving a black eye that can, and most likely will, be financially devastating."
"Now, what to replace binary-authentication with, is the craft, here. Note that not all passwordless solutions are equal," Shahidzadeh adds. "If you are in the hunt for replacing binary authentication, you better not go with nonperforming solutions that can be quickly exploited in a few short months nor simply pick the solution that everyone else is using, yet still getting breached." For example, notes Shahidzadeh, replacing your passwords with passphrases or even a combination of passwords with weak, "off the shelf 2FA/MFA, including biometrics, is just asking for trouble. Instead, think about the opportunities to adopt a real next-gen authentication that is continuous (including capabilities to detect anomalies post-authorization) and leverages and drives the paradigm shift. Keep in mind that authentication is not a single event with a start and an end, or a simple “yes” or “no” process. It is a continuum."
Read the full article at the Security Magazine website.