Cybersecurity Sessions #8

MFA is Better Than Passwords… Right?

Thursday, June 9th, 10:53 AM GMT / 12:53 PM CET
Listen on Spotify Podcasts Listen on Apple Podcasts
MFA is Better Than Passwords… Right?

Episode Description

MFA is Better Than Passwords… Right?

We’re told that multi-factor authentication is more secure than passwords, but in truth most MFA is susceptible to the same old threats, such as phishing and man-in-the-middle attacks. In fact, the widely championed advice to “use MFA, any MFA” could lead to a false sense of security and even more data breaches.

In this episode, Andy sits down with Roger Grimes (Data-Driven Defense Evangelist, KnowBe4) to find out why MFA is vulnerable to exploitation, whether some MFAs are better than others, and what the future of secure authentication might look like.

Key points

  • What is multi-factor authentication and how has it changed over time?
  • Is MFA more secure than passwords, and how can it be bypassed?
  • Are some forms of MFA more secure than others?
  • What does the future of user authentication look like?

Podcast Host

Andy Still

CPO & Co-Founder , Netacea

Andy is a pioneer of digital performance for online systems, having authored several books on computing and web performance, application development and non-human web traffic. As Chief Product Officer, he leads the technical direction for Netacea’s products, as well as providing consultancy and thought leadership to clients.

Podcast Guest

Roger Grimes

Data-Driven Defense Evangelist , KnowBe4

Roger is a 34-year computer security consultant, instructor, holder of dozens of computer certifications, and an award-winning author of 13 books and over 1,000 magazine articles on computer security. He was the weekly security columnist for InfoWorld and CSO magazines from 2005-2019.

Episode Transcript

Andy Still 0:00
Welcome, welcome. Welcome back to the cybersecurity sessions. Our regular podcast talking about all things cybersecurity, with myself, Andy Still, CTO and co-founder of Netacea, the world's first fully agentless bot management product. This time, we're discussing some of the challenges around authentication of users. Speaking personally, my day job is building tooling that, among other things, will protect systems from automated attacks to compromise accounts, I can personally validate that up to 95% of logins on some systems are malicious attacks. And one of the solutions that's often held out as the magic bullet to solve this problem is multi factor authentication - MFA. We've probably all experienced MFA in some form, whether it's getting an email or a text message to validate a login, or one of the other more complex solutions that are out there. And there are a whole full range of different solutions, some more secure than others. To explain more about the differ

Read more