Event Recording

Why Many MFA Programs Fail Strong Authentication Cyber Insurance Criteria - And What to do About It.

Show description
Speaker
Gerhard Zehethofer
VP
Secret Double Octopus
Gerhard Zehethofer
Gerhard is passionate about technology and the role it can play in improving people’s lives. As a digital identity native, he is focusing on helping organizations to solve the identity access challenge of improving security and usability at the same time.
View profile
Top related content
Event Recording
The End of the Password – How to Really Protect Digital Identity
Nov 13, 2018

In the digitalized world, passwords are not sufficient anymore to protect digital logins and transactions. What’s even worse: In 81 percent of all cases, they are the main reason for a hack. Once a password is stolen, it opens the doors to fraudulent use and data theft. Furthermore, since most consumers link their online accounts at Amazon, eBay or Twitter to their Facebook or Google account, attackers only have to hack one password in order to gain access to the entire range of applications. This also enables them to easily compromise the complete digital identity of a user. All these examples show, that passwords are outdated. Their single application for the protection of digital identities is not only careless, but very harmful. However, there is a remedy, which is reliable and widely available today: the 2- or multi-factor authentication (2FA/MFA). Providers of online portals and services can offer their users a broad range of easy-to-use tokens, which relieve consumers of the burden to remember another password – from push tokens that only have to be confirmed by tapping the “OK” field on the smartphone’s touchscreen to scanning a QR code with the smartphone’s camera. In his presentation, Dr. Amir Alsbih explains the latest challenges and solutions in the protection of digital identities and illustrates how consumers can benefit of new MFA technologies.

Event Recording
Going Passwordless and Beyond - The Future of Strong Authentication
Sep 14, 2021

The onslaught of account takeover attacks from insecure passwords is driving the rapid adoption of passwordless solutions.  While the risk reduction benefits are substantial, eliminating passwords is just the first step on the path to fundamentally strong authentication.  In the “new normal” era of work from anywhere, and rapidly increasing cloud adoption, organizations are moving to a new risk-based authentication model.  Advanced organizations are validating users, their devices, and inspecting the security posture of the device for each login.  Strong and continuous authentication is a fundamental building block of Zero Trust. Learn how you can make it happen without making the user experience miserable.

 Discussion topics include:

  • New cybersecurity and identity management requirements in the post COVID era
  • Traditional MFA vs Passwordless - avoiding the “security vs. painful user experience” tradeoff
  • Device trust and the confluence of cybersecurity and identity management
  • Continuous risk-based authentication 

Takeaways:

  • Account takeovers and other attacks have increased as a result of distributed working - adopting a solution that removes passwords removes most of the risk
  • MFA has evolved beyond the traditional “password + SMS + pin” approach
  • CISO’s and IT no longer have to trade increased security for user convenience
  • Modern devices allow organizations to leverage the Secure Enclave / Trusted Platform Module for increased security
  • Continuous, risk-based authentication is a key factor in identity and access management
Patrick McBride, Chief Marketing Officer, Beyond Identity
Webinar Recording
It’s Time to Forget Your Password and Settle for Multi-Factor Authentication
Sep 06, 2019

The majority of security breaches and attacks can be traced back to stolen and compromised passwords. Mobile devices are often particularly vulnerable because many users tend to avoid long passwords and special characters.

Webinar Recording
Making Passwordless Authentication a Reality: The Hitchhiker’s Guide
Nov 16, 2022

In this webinar, Bojan Simic, founder and CEO at HYPR, and Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, share their insights and experience on what to consider when moving towards passwordless authentication, and making this a reality. They talk about solutions, but also cover the change management challenges involved when moving to a better (but different) authentication for thousands, hundreds of thousands, and even millions of users.

Topics they cover include

  • How to implement passwordless authentication without ending in a service desk nightmare
  • Remaining flexible: Building your passwordless solutions for continuous growth and innovation [this would be about allowing to add/replace tokens etc., but also scale]
  • Remaining strong: Flexibly adjust to the ever-changing threat landscape
  • Integration: Passwordless authentication as a good citizen in the IAM ecosystem
  • What to do beyond: Fraud Reduction, SOAR, and other approaches for identifying fraud and anomalies.
  • Convincing without overpromising: The internal marketing needed for successful rollouts of passwordless authentication.

Webinar Recording
Fixing the Way the World Logs In
Jun 01, 2022

Passwords are quickly and easily compromised, they are costly and difficult to manage, and they result in poor user experiences. Many organizations are looking for alternatives, but find it challenging to identify appropriate passwordless and phishing resistant authentication solutions that are simple, effective, and secure. Join experts from KuppingerCole Analysts and HYPR, the passwordless authentication company, for a discussion about why passwords are no longer fit for purpose and how passwordless and phishing resistant MFA can help the business by enabling digital transformation, and reducing cost and risk, while improving user experience at the same time. They will also discuss how best to go about making the switch.

Martin Kuppinger, Principal Analyst at KuppingerCole explains the essentials of passwordless and phishing resistant MFA, its business benefits, and why decentralized credentials and desktop authentication integration are important. He also outlines key factors and practical steps for making passwordless and phishing resistant authentication a reality to cover all access use cases in hybrid environments.

Jochen Koehler, VP Continental Europe at HYPR, details HYPR’s approach to truly passwordless and phishing resistant MFA that is designed to be a simple and secure way to eliminate passwords and shared secrets, enabling organizations to achieve uncompromising assurance and a consumer-grade experience.

Event Recording
Panel | MFA usage in enterprise
May 11, 2022

There are so many ways enterprises could benefit from using Multi-Factor Authorization (MFA). Benefits include identity theft prevention, secure devices, lower breach risks, to name just a few. But why are so many businesses still not using MFA? Perhaps because it is too complex and time-consuming for IT departments? In this panel, our security leaders will try to clear up any misconceptions there seem to be about implementing MFA in the enterprise.

Event Recording
A Story About Convenient Security
May 11, 2022
Webinar Recording
Take Invisible MFA to the Next Level With Passwordless Continuous Authentication
Apr 21, 2023

Join experts from KuppingerCole Analysts and SecureAuth as they discuss why not all MFA solutions offer the same level of protection, and how organizations can improve their security posture and user experience by adopting a different approach that combines MFA with risk-based Passwordless Authentication.

Alejandro Leal, Research Analyst at KuppingerCole Analysts, will explore some of the problems with legacy MFA solutions and how a passwordless solution can improve usability and security. He will also explain some common passwordless features such as device trust and risk-based authentication.

Nawshad Hoossanbuksh, Senior Product Manager at SecureAuth will explain how adopting a passwordless continuous authentication approach can protect against phishing, brute-force, and MFA by-pass attacks such as MFA fatigue or MA bombing. He will also give an overview of SecureAuth’s Arculix passwordless continuous authentication solution.

Webinar Recording
Extending Beyond the Limits of Multi-Factor Authentication With Continuous Adaptive Trust
Dec 04, 2019

The Identity and Access Management (IAM) market is undergoing rapid and at times transformative change. A steady progression from on-premises to API and cloud platforms is visible as vendors innovate, but authentication tools are under attack from determined adversaries.