Hopefully, ‘Multi-Entrance’ MFA is Not Allowed There

Hitoshi Kokumai

Aug 7, 2022

--

I owe this article to ‘idenhaus’ Newsletter — “AWS Focuses on Identity Access Management at re:Inforce” https://www.darkreading.com/dr-tech/aws-focuses-on-identity-access-management-at-re-inforce

Multi-Layer deployment; better security and poorer availability
Multi-Entrance deployment: better availability and poorer security

This is what I examined in “MFA: Multi-Layer or Multi-Entrance?” https://www.linkedin.com/posts/hitoshikokumai_cisa-adopt-modern-auth-now-for-exchange-activity-6948873184221749249-2QOW

and “Where ‘2’ is Weaker than ‘1’” https://www.linkedin.com/posts/hitoshikokumai_democracy-privacy-ethics-activity-6950278500830310400-6gLj

Where security matters, MFA must be multi-layer. ‘MFA in multi-entrance deployment’ must not be allowed unless security is a lower priority.

I do wish that AWS is enforcing the multi-layer deployment on security-oriented users.

Website — https://www.mnemonicidentitysolutions.com/

Digital identity blogs collected at https://www.linkedin.com/pulse/collection-digital-identity-comments-hitoshi-kokumai-posted-kokumai/

Hitoshi Kokumai

Written by Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

Help
Status
About
Careers
Blog
Privacy
Terms
Text to speech
Teams