MFA is a pain — why bother?

Can we get rid of passwords too and go Passwordless?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

🔒 Related Stories: Cybersecurity for Executives

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It seems impossible to prevent stolen passwords. What’s a system administrator supposed to do when third-party services don’t correctly hash passwords, expose databases to the Internet, and people keep reusing passwords? Fortunately, there are some things you can do to make it harder for attackers to get those credentials or use them. This is the next blog post in my serious of Cybersecurity for Executives.

As explained in my last post, attackers use passwords stolen in one data breach to get into other systems because people reuse credentials and create easy to crack passwords. I explained how stronger passwords help prevent data breaches. Now all you need to do is create a different very long and hard-to-guess password for all 50 different websites you use that require authentication. So that’s just 50 long, complex passwords you need to remember. No problem, right?