most used passwords still “12345” and “password”, keep you private data as save as enterpises
secure authentification needs to be smart
sms
short message service is the most convinat second factor, but sms is insecure and can be intercepted – major us carriers working together on next-gen ‘mobile authentication platform’ to replace weak sms system
mobile id
is a more secure service, based on certificates and secured with a seperat pin – special sim needs to be provided form the carrier @mobileid
id card
electronic id function of the german passport to secure authenticate at public services, insurances or banks – registred to you secured with a pin – you need a card reader or app @personalausweisportal
oath
is an open standard that allow strong authentication of all users on all devices – no need to send or her intercepted with man in the middle (mitm) attack, code ist calculated in an app – get code right at your smartwatch or backup you accounts with andotp
update: since ios12 and macos 10.14 it is possible to configure oauth in exchange payload via emm, read detailed at: apple’s configuration profile reference
pointsharp
provides secure login with multi-factor authentication to enterprise alliances or cloud services – use pointsharp passwort for mobile services, instead of windows accounts – login with scratch cards, hardware token smartwatch, biometrics or one-time pin
fido
an alliance to provide passwordless experience and a secure second factor – a hardware device ensure the trust of identity @fidoalliance.org
microsoft announced “password-less sign-in to windows 10 & azure ad using fido2” @blog.microsoft
cloud
casb (cloud access security broker) check access based on security policy infront a a cloud service
iam (identity access management) manage user identities centralised, provide role-based access
emm alone can’t prevent users from accessing cloud services via unmanaged apps or browsers. neither iam nor casb have the visibility or ability to allow or deny access to a cloud service based on the state of the mobile device or application. @mobileiron
be safe – review here for list of websites and whether or not they support 2fa
no excuses anymore
madereal - enterprise mobility - innovation 
6 thoughts on “multi-factor authentication”
Comments are closed.