Authentication-Based Defense

So now we’ve trained current employees and added anti-phishing training as part of onboarding for new employees. We’ve used DNS-based defenses so that incoming phishing emails can’t be forged to look like they came from our domain. What else can we do to defend ourselves? We’ve done everything we can do to decrease the likelihood of lost credentials. Now let’s see what we can do to reduce the impact of lost credentials.

2FA

In a traditional login, a user supplies a username and password to authenticate themselves to the system. In this scenario, the password is the single factor the system uses to decide whether to authenticate the user or not. That works fine until the password becomes known to an attacker. This disclosure ...
