Passwords Day will be held on 4 May 2023 to raise awareness about the importance of passwords and how to use them safely. Weak or stolen passwords pose a significant security risk, as attackers can easily gain access to users' personal and financial data, as well as sensitive information about companies. A Microsoft says In 2022, there were 1,287 password attacks per second, and phishing attacks increased by 61% between 2021 and 2022.
Password-free technology is a new solution that allows users to log in to online services without having to enter or remember a password. A Microsoft's passwordless authentication system using methods such as facial or fingerprint recognition, smartphone apps or physical security keys. These methods are more secure and simpler than traditional passwords, and support new industry standards such as Web Authentication API (WebAuthN) and Fast Identity Online (FIDO2). Passwordless technology is already supported by several major platforms such as Google, Apple, Amazon and Facebook.
One success story of the use of password-free technology is Accenture, which provided password-free authentication for 738,000 employees using Microsoft. The results were impressive: faster login, a more trusted experience, fewer failed authentications and improved security. According to Accenture, this saves employees and IT support staff more than 12 million hours a year.
Microsoft not only offers password-free solutions for end users, but also helps IT managers easily manage and implement password-free authentication for all users. Azure Active Directory (Azure AD) is a cloud-based identity and access management service that enables companies to manage access to applications and data in a unified way.
In addition to password-protected technology, another way to increase security is to multi-factor authentication (MFA), which requires the user to prove their identity by several types of evidence (factors). Examples include a code received in addition to a password via SMS or an authentication application, a physical security key, or biometric data such as fingerprints or facial recognition. In Microsoft 365, administrators can set up multi-factor authentication for users, which reduces the risk of compromise by 99.9%.
However, multi-factor authentication is not perfect either, as attackers use sophisticated methods to deceive users and steal verification codes. Fishing attacks cost large US companies an average of $14.8 million a year. That's why it's important that users not only use strong passwords and multi-factor authentication, but also pay attention to what websites and emails they click on and what data they share.
Another security model worth exploring is the Zero Trust model, which is based on precautionary measures: "Never trust, always verify." The three pillars of the Zero Trust model are: explicit authentication, restricted access, and assumption of a breach. This means that all users and devices should be checked every time they attempt to access a resource; only minimal privileges should be granted for a given task; and anomalies and threats should be continuously monitored. Microsoft Security helps companies implement the Zero Trust model with Azure AD and other products.
Hartung Ariel
https://lnk.bio/ariel.hartung As the founder of SoftDirect and 101 Grid, I am committed to sustainable and innovative solutions. At SoftDirect, we trade software, offering affordable and environmentally friendly alternatives for businesses and individuals alike. And at 101 Grid, as an innovative electric car charging operator, we develop sustainable and automated charging systems. Artificial intelligence plays a key role in both companies, helping to optimise processes and improve the customer experience. In my blog, I want to share my thoughts and experiences on used and reused software and inspire others to dare to dream and create.
All Author Posts
%20támadások%20%5B…%5D&media=https://soft.direct/wp-content/uploads/2023/05/password.jpg){kind=link}