Cybersecurity Mythbusters

Microsoft said that MFA stops 99% of attacks. Is this really true?

We hear all the time to implement MFA, but when it comes to all the options, which one is best? Luckily we have Roger Grimes (KnowBe4), Author of Hacking Multifactor Authentication, with us to help us out!

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they try to bust this latest myth!

Follow Beyond Identity:
https://twitter.com/beyondidentity
https://www.linkedin.com/company/beyond-identity-inc/

Website:
https://www.beyondidentity.com/

A TPM (or Trusted Platform Module) is an industry standard component that protects keys that can be used for authentication.

The important property of TPMs is that the private key is protected from even the lowest level of the operating system. This property protects a TPM key from phishing and other attacks that may expose it. It is available on most PCs, networking equipment, and industrial controllers.

But can a TPM be hacked? Our Security Architect, Monty Wiseman is with us to help us find out!

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they try to bust this latest myth!

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

Most credentials are some form of symmetric, or shared secret (like passwords). The problem is that a shared secret must be shared and transmitted between a client and a server. Application load balancers, proxies, and content distribution networks ensure that these secrets touch the memory of many machines between the client and the server.

If any of these machines were to become compromised, the shared secrets it contains are also compromised. Users can also unknowingly or unwittingly divulge the shared secret.

Preventing credential theft requires the realization that the movement of the credential is bad. Every time the credential moves, it increases the surface area that must be protected.

If a credential never moved, it would have a surface area the size of its host computer.

Asymmetric cryptography provides the technical means of creating unmovable credentials. Create an asymmetric key pair, share the public key, don’t move the private key, and sign challenges with your private key. This is a simple mechanism that chips away at the problem.

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they, joined by KnowBe4's Roger Grimes, try to bust this latest myth!

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

Are you tired of the hassle of traditional passwords? It's time to explore the future of user authentication with passkeys! In this video, we delve into essential strategies for businesses looking to successfully introduce passkeys into their systems.

Free Passkey Tool:
https://thepasskeyjourney.com

In this insightful discussion, we cover:

Understanding your User Base: Learn how to approach the transition from passwords to passkeys with your users' needs in mind.

Seamless Integration: Discover the power of using prompts and information strategically throughout your users' journey to encourage passkey adoption.

Gradual Transition: Recognize that moving to passkeys is an ongoing process, and we'll share tips to make the transition smoother and more efficient.

If you're intrigued by the idea of improving user experience with passkeys, be sure to check out the FIDO Alliance website. They have a dedicated UX working group that provides valuable guidelines and Figma templates to help you get started. We've included the link in the video description below!

FIDO Alliance
https://fidoalliance.org

FIDO Alliance UX Guidelines
https://fidoalliance.org/ux-guidelines-for-passkey-creation-and-sign-ins

Beyond Identity
https://www.beyondidentity.com

Join the conversation about the future of user authentication and optimize your security measures with passkeys. Don't forget to like, share, and subscribe for more informative content!