Month: July 2017

  • Phishing your way Past Multi-Factor Authentication

    Posted on July 24, 2017 by Charles Worrell

    Let’s say an attacker gains access to a valid set of employee credentials. If you don’t have multi-factor authentication (MFA) in place, the attacker has hit the jackpot. They can quickly authenticate against any publicly available asset that accepts the compromised username and password.

    But what if you do have MFA in place? You have a federated single-sign-on portal as the gatekeeper to your sensitive public assets, and it’s protected with MFA. Learn More