MFA stops credential theft? – Busting cybersecurity myths

HomeOther ContentMFA stops credential theft? – Busting cybersecurity myths
Channel: Beyond Identity Sourced: Youtube Published 12 months ago
MFA stops credential theft? - Busting cybersecurity myths
MFA stops credential theft? – Busting cybersecurity myths
Most credentials are some form of symmetric or shared secret (like passwords). The problem is that a shared secret must be shared and transmitted between a client and a server. Application load balancers, proxies, and content delivery networks ensure that these secrets touch the memory of many machines between the client and server.

If one of these machines were to be compromised, so would the shared secrets it contains. Users may also unknowingly or unintentionally disclose the shared secret.

To prevent credential theft, we must realize that moving credentials is bad. Each time the identifier moves, the surface area to protect increases.

If an identifier never moved, its surface would be the size of its host computer.

Asymmetric cryptography provides the technical means to create immovable credentials. Create an asymmetric key pair, share the public key, don't move the private key, and sign challenges with your private key. This is a simple mechanism that solves the problem.

Join Beyond Identity CMO Patrick McBride and CTO Jasson Casey as they, joined by KnowBe4's Roger Grimes, attempt to bust that last myth!

Follow beyond identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

Please take the opportunity to connect and share this video with your friends and family if you find it useful.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Policy | Terms of Services | Contact us | DMCA

We adhere to fair use guidelines when quoting from other sources. We provide brief excerpts and proper attribution.

Redway © 1999-2024