Veridium’s security experts advise switching to password-less multi-factor authentication, which is designed to solve password-related security problems. […]
Password managers are considered a secure solution, which are used primarily in business. But they are not completely without dangers. For example, at the end of April 2021, the password manager PasswordState was successfully attacked: For two days, the passwords of 29,000 companies and their more than 370,000 security and IT experts who used the manager were openly accessible. What had happened: An attacker had managed to attack less secure elements in the supply chain of the Australian provider Click Studios, which compromised its inplace upgrade function. As a result, updates infected with malware were delivered when updating the operating system to a newer version.
More security without passwords
in 2021, two major attacks of this kind, such as the one on solar winds, have already become known, now a third has been added. According to Rainer Witzgall, Country Manager DACH at Veridium, there will be more and more supply chain attacks in the future: “The pressure of ever shorter development cycles makes it difficult for the producers of software and applications to ensure appropriate security measures in good time.”With VeridiumID, the cybersecurity expert has presented a multi-factor authentication platform that makes passwords – and thus a significant risk factor – completely unnecessary.
The solution uses AI-based behavioral biometrics as an authentication factor. “With the pressure exerted on the screen and the very individual nature of the movements performed by the users, biometric data is generated that is protected against reproduction – which, in comparison, cannot be completely guaranteed even with Face ID and fingerprint systems. The possession of a commercially available smartphone and this specific use of the biometrics already integrated in it meets all the criteria required for strong authentication,“ Witzgall adds.
Karl Pichler, CEO of innovatice group and Veridium sales partners in Austria, the growing awareness of the problem is great potential for password-less solutions: “Gartner Vice President of Ant Allan is estimated that by 2022, 60 percent of large and global, and even 90 percent of the medium-sized enterprises password-less solutions in more than half of their Use Cases to be implemented. From our point of view, the time for a conversion from cost-intensive password managers to resource-saving and user-friendly password-free multifactor authentication is definitely ripe.“
* Bernhard Lauer is a outsourcing freelance editor of dotnetpro and is responsible for the section Basic Instinct. With Visual Basic, he has been programming privately since version 1.0.