Gartner’s Pescatore Reaffirms the Need for Stronger Authentication in Light of Gawker Incident
If you haven't seen it yet Gartner's John Pescatore has a good note up about the need for stronger authentication and a move away from relying upon reusable passwords. This post was driven by the recent Gawker incident (see our founder Jon Oberheide's writeup for a detailed analysis), but is simply more evidence toward what Gartner has been saying all along.
The one area where companies could get the most immediate value for their security dollars it is with stronger authentication. In the mentioned note Pescatore states:
I’d rather see the Gawker incident increase momentum for alternatives to the reusable password, like the simple use of text messaging for challenge/response or other approaches. Just as it is time for DNSSEC to increase the security of identifying websites, its time to user authentication to get stronger. After all, in about 3000 BC the Egyptians figured out the basics of concrete and luckily built the pyramids that way, vs. just piling up rocks.
At its heart this is why Duo Security was founded. We are trying to remove the barriers to two factor authentication to make stronger security available to everyone.