Absence of Wrongly-Configured MFA Helps Identity Security
“Money-grubbing crooks abuse OAuth — and baffling absence of MFA — to do financial crimes” https://www.theregister.com/2023/12/14/moneygrubbing_crooks_abuse_oauth_apps/
It’s amazing that so many security professionals and tech reporters are so ignorant of or indifferent to the opposite security effects of MFA configured in a multi-layer formation and in a multi-entrance formation — Absence of wrongly-configured MFA would help identity security
As we have repeatedly proven, a 2FA made of a deterministic password/pin and a deterministic physical token, PKI-powered or otherwise, that is configured in 2-layer formation, naturally increases the identity security significantly. On the other hand, an MFA which involves probabilistic biometrics and configured in 2-entrance formation inevitably destroys the identity security (*1)
Then, what can we do? — Our suggestion is simple.
1. If you do not involve biometrics in your MFA schemes, you could ignore all that I mentioned about MFA.
2. If you involve probabilistic biometrics in your MFA schemes, you could remove the biometrics altogether and go back to the solid 2FA made of a deterministic password and a deterministic physical token. Then you are out of the quagmire of MFA.
3. In any case, should you be interested to get yourself, your colleagues, employees and clients relieved from the password headache, you could have a glance at our writing on ‘Image-to-Code Converter (*2) and its application as a leak-proof password manager *3)
*1 “Why We Cannot find 3FA Deployed in 3-Layer Formation?” (3Dec2023) https://www.linkedin.com/posts/hitoshikokumai_identity-authentication-password-activity-7136923578544885760-ksPp
*2 “What ‘Image-to-Code Converter’ Offers to Global Population” (27Oct2023)https://www.linkedin.com/posts/hitoshikokumai_image-to-code-converter-31july2023pptx-activity-7123566445531189248-oIxA
* 3 “Release of Beta Mnemonic Gateways” (13Dec2023) https://www.linkedin.com/posts/hitoshikokumai_identity-authentication-password-activity-7140519698529464320-saOM
Kick out the falsehood of biometrics-involved MFA and you will be able to focus on the truly effective identity security solutions.