Passwords are stupid.
Hang on. Passwords WERE a brilliant way of proving you are who you’re supposed to be. From speakeasies to secret agents to enterprise applications. Wasn’t that nice?
But now passwords are stupid and you should stop using them. Because they’re barely a speed bump in a modern attack. Assume your passwords are compromised, because you can’t make a password they can’t break.
You’d be surprised how often in our (award winning) security assessments, we drop the toughest passwords before breakfast.
You need a token that can’t get got. That evades the hack. That changes too quickly to be cracked.
Welcome to life after passwords.
It still starts with verifying identity. This can come from something you know—not something you memorized but something you know from being you, like your grandma’s birthday or your monthly car payment. It can also come from something you are—like your thumb print. But it really only has to happen once.
Make the user prove who they are to the system. Then, every subsequent access attempt will send a query to the user’s mobile device “Is that you?” When they answer, the system will provide a token as needed for that pre-verified identity. A token regenerated once a minute so it can’t be faked.
The point is, things only you know like identity proofing questions and things you have, like your phone are much much harder to guess or get than a password.
And while you can’t know if someone has their hands on your password, you’ll know if your phone is gone. You can kill it as an access point the moment it’s missing.
And yes, some bad guys will still get in. Because they will always still be able to get in. But you can make it as hard as possible. And once they’re in, you can make it as hard as possible to get the best of you. And we can help with that too.
Learn more & start the conversation today