Adaptive MFA improves security and customer experience. According to Dashlane, the average US internet user has over 150 online accounts, with that number projected to double by 2022. By Randy Nasson and Antonio Fuentes.
Given the rampant password reuse problem (65% of people reuse passwords across multiple sites), when data breaches occur, a vast number of accounts are vulnerable. While protective measures like Breached Password Detection can help minimize risks associated with known stolen credentials, there nevertheless remains a substantial risk for potential credential theft in the future.
Key takeaways form this article:
- Multi-factor authentication (MFA) provides added security for protected content, but usability concerns can adversely affect the user experience
- Using custom MFA options can help reduce friction, but custom MFA requires writing rules (coding) or explicit user opt-in to minimize prompts for secondary factors
- Auth0 now offers Adaptive MFA, which only prompts users for secondary authentication factors if the login or authorization attempt is considered risky
Adaptive MFA bridges the gap between user experience and account security by providing a secondary factor for end-users but only prompting them for secondary verification when the primary factor login looks suspicious or unusual. For example, if the user logs in from a new device or logs in from previously unseen geolocation, these signals can indicate low confidence that a login attempt is legitimate and that the user should be prompted to authenticate via the second factor.
MFA offers an excellent defense against password-related account compromise. According to Open Web Application Security Project (OWASP), MFA is “by far the best defense against the majority of password-related attacks”. Good read!
[Read More]