5 Signs You’re Doing Authentication Wrong: Duo Security & Forrester Webinar

Will it ever be truly possible to kill the password? Who knows. But it doesn’t make a lot of sense to rely solely on a password for strong authentication security. With so many breaches as the result of stolen credentials, the market calls for better authentication solutions in the face of new security and business challenges.

Security threats include any number of ways that attackers may use to gain privileged access to internal networks and systems. Social engineering methods like phishing scams and other credential theft means that password security is inconsequential when it comes to keeping networks secure.

Find out if you’re doing authentication wrong by joining our free webinar, Tuesday, March 25 from 2-3pm ET with guest speaker Eve Maler of Forrester Research as she presents her latest research on key trends and generational shifts in the authentication market.

She’ll assess different authentication solutions based on:

Usability

When it comes to authenticating, using an extra device to authenticate or having to manually type in passcodes can slow down user workflows and make it cumbersome to use.

An authentication solution that requires only one device, like a personal phone, can work in multiple places. With two-factor authentication, an authentication mobile app can push a notification to your phone, allowing you to easily authenticate with just one tap.

Deployability

Is the authentication method easy to integrate into your VPNs, web applications and other platforms? Check your authentication solution’s documentation to see what’s involved with installation and configuration.

Another aspect to consider is user provisioning - with a large user-base, you need fast, automated and accurate provisioning. Check that your authentication method integrates with features like Active Directory, or supports batch enrollment via .CSV upload for easy provisioning, ideal for thousands of users or large organizations.

Security

Is your authentication method designed for strong enough security? As Jon Oberheide wrote in RSA-Proofing Our Duo Push Two-Factor Authentication back in 2011,

Even if an attacker leaked all the secrets from our database, they’d be unable to forge successful authentication responses for our Duo Push two-factor. We’re able to accomplish this by ditching the traditional shared secret model of OTP-based two-factor, which uses a symmetric key stored on the server-side to validate one-time pass codes

In the event our database was breached, an attacker would not be able to forge successful authentication responses. That means your users and networks are safe no matter what happens to Duo.

Duo also maintains total independence from your primary authentication, ensuring the integrity of your users’ usernames/passwords remain intact.