Which MFA Configuration Is Adopted by OKTA?
“Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop” https://www.securityweek.com/okta-hack-blamed-on-employee-using-personal-google-account-on-company-laptop/amp/
On OKTA, I posted this message a few days ago in view of the reported possibility of targeted phishing: “An Extra Few Minutes for Each Login — Still Too Bothersome?” (4Nov2023)
https://www.linkedin.com/posts/hitoshikokumai_5000-okta-employees-data-accessed-in-a-activity-7126491748377251840-48yy
Now on this newer report, OKTA appears to emphasize the power of MFA (Multi-Factor Authentication), without telling whether it is deployed in a security-enhancing multi-layer formation or in a security-destroying multi-entrance formation. When we see biometrics involved as an authenticator for MFA, we witness the latter in all cases.
I have kept discussing this MFA issue for two decades. Here is one of my many posts in which this issue is referred to — “Where 2 is Weaker than 1?” (21Mar2023)
https://www.linkedin.com/posts/hitoshikokumai_democracy-privacy-data-activity-7043841718252687360-iLu4
What is behind it is visually explained in this 2-minute video — “Biometrics in Cyber Space — ‘below-one’ factor authentication” https://youtu.be/wuhB5vxKYlg
I am certain that whoever watched this short video would never attempt to come up with an MFA scheme with biometrics as an authenticator. Had OKTA already rejected such a suicidal scheme, they could have explicitly declared so. It would have helped their credibility a lot.
Well, dreaming of the best possible solutions? — You might be interested in this press release — “Teaming Up with Top Brand Quantum Resistant Cryptography” (19July2023)
https://lnkd.in/ggnBBm5z
Thanks to Stiepan Aurélien Kovac for bringing me here: https://www.linkedin.com/posts/activity-7126917642879164416-5MCU/