
Identity at the Center #55 - Solving Identity Challenges with MFA
Aug 3, 2020
Jim and Jeff tackle the complexities surrounding multifactor authentication (MFA) and the importance of robust security measures. They critique Instacart's PR response to credential issues, emphasizing the need for strong MFA adoption. A deep dive into various authentication methods reveals the pros and cons of each. They discuss innovative solutions like voice biometrics for users without smartphones and debate the challenges of user enrollment. They also highlight how security investments often surge after breaches, stressing the need for proactive education in the industry.
AI Snips
Make MFA A Default Option
- Offer multi-factor authentication as a baseline option for users to reduce credential-stuffing risk.
- Encourage adoption but accept some users may decline while keeping stronger protections available.
Blaming Users Masks Technical Failures
- Blaming users for breaches is a tone-deaf PR move and shifts responsibility away from tooling gaps.
- Insufficient investment in anti-bot and adaptive controls often explains credential-stuffing success.
Detect And Stop Credential-Stuffing Early
- Detect abnormal login patterns like repeated attempts from the same IP and throttle or block automated attacks.
- Use adaptive responses (step-up MFA, rate limiting) when bots or credential stuffing signatures appear.
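
One way to turn the detection and adaptive-response advice above into code, as an added example that is not from the episode or its hosts: a per-IP sliding-window detector that escalates from step-up MFA to rate limiting to blocking. The window length, thresholds, action names and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_S = 60        # sliding window in seconds (assumed value)
STEP_UP_USERS = 3    # distinct usernames failed from one IP -> require MFA
THROTTLE_FAILS = 5   # failed attempts from one IP -> rate limit
BLOCK_USERS = 8      # distinct usernames failed from one IP -> block

class StuffingDetector:
    def __init__(self):
        self._fails = defaultdict(deque)  # ip -> deque of (ts, username)

    def observe(self, ts, ip, username, success):
        """Record one login attempt and return the response for it."""
        q = self._fails[ip]
        while q and ts - q[0][0] > WINDOW_S:  # drop failures outside the window
            q.popleft()
        if not success:
            q.append((ts, username))
        users = {u for _, u in q}
        if len(users) >= BLOCK_USERS:
            return "block"
        if len(q) >= THROTTLE_FAILS:
            return "throttle"
        if len(users) >= STEP_UP_USERS:
            return "step_up_mfa"  # applies even when the password was correct
        return "allow"

# Constructed sample events: (timestamp, source IP, username, password_ok)
ATTACKER, TYPO_USER = "203.0.113.7", "198.51.100.20"
SAMPLE = (
    [(t, ATTACKER, f"user{i}", i == 3) for i, t in enumerate(range(0, 18, 2))]
    + [(1, TYPO_USER, "alice", False), (3, TYPO_USER, "alice", False),
       (5, TYPO_USER, "alice", True), (200, ATTACKER, "bob", True)]
)

def replay(events):
    """Feed events in time order; return (ip, username, action) per attempt."""
    det = StuffingDetector()
    return [(ip, user, det.observe(ts, ip, user, ok))
            for ts, ip, user, ok in sorted(events)]

if __name__ == "__main__":
    for row in replay(SAMPLE):
        print(*row)
```

In the sample, the one correct password in the spray (`user3`) is answered with a step-up MFA challenge instead of a session, while a single user mistyping a password twice from another address is never challenged.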
