Multi-factor authentication is another line of defense that can be implemented to protect authentication. While effective in reducing risk, most organizations limit multi-factor to external access to the network due to the cost of the technology and limited user acceptance of the technology.
Organizations should focus on deploying multi-factor authentication for systems that provide external access to sensitive applications or massive amounts of data. It should be remembered that no multi-factor authentication method is invincible, but is another tool to reduce risk.
Password authentication is a weakness that we will have to live with for the foreseeable future. But through defense-in-depth security architectures that address authentication as a holistic system of people, processes and technologies, a company's risk can be reduced. Reducing risk to a level that allows the organization to function in the most efficient way possible should be the goal of all network and security professions.
Sign up for CIO Asia eNewsletters.