Should We Be Rethinking Multifactor Authentication?

AP
Aaron Painter
Oct 3, 2022
Learn more

KEY POINTS:

KEY POINTS:

  • Attacks exploiting multifactor authentication are on the rise.
  • Using MFA fatigue, attackers successfully breached Uber and Okta.
  • Security measures like authentication with biometrics and passwordless logins mitigate risk.

Power in Passwordless: Rethinking Multifactor Authentication After Increase in Attacks

It’s easy to imagine – your work email prompts a sign-in approval on your phone before you have access. It seems secure, right? One day, you get a prompt while off work and are not logged in to your email. You deny it. It comes up again and again. Each time, you’re careful to deny the request. Let’s say the notifications continue – relentlessly. In this attack, it’s common for users to become careless and accidentally give attackers an opening. The technique is called MFA fatigue or prompt bombing (Tech Target), and there’s been an influx of these attacks.

“Professionals are abuzz on one topic – the failure of multifactor authentication or MFA, as it is commonly known,” said Aaron Painter, CEO, Nametag. MFA has been a part of directives and advice in improving security for digital account access for the last few years. “Recent security breaches at a host of companies, most recently at Uber, have pointed to the rise of what’s known as MFA fatigue,” said Painter.

There are a handful of security measures available to mitigate these attacks. Consider a safety net that locks accounts with multiple attempts within a short time. This measure prevents users from experiencing fatigue. Alternatively, professionals suggest one-time passwords. This step is a higher assurance of factors. “It turns out that adding more factors of authentication to passwords isn’t the right answer. Perhaps the solution is that we need better factors,” said Painter.

Microsoft recommends passwordless solutions, which effectively defend against this and more advanced adversary-in-the-middle attacks (Bleeping Computer). Another source, TechTarget, also suggests adopting a passwordless solution. “Passwordless authentication removes passwords from the process, which can drastically reduce risk.” Other passwordless solutions use biometrics for authentication. Apple and Google’s Face ID exemplifies biometric confirmation. “Plus, passwordless authentication reduces friction and improves UX. It also increases the efficiency of IT and security operations, reducing the amount of time and effort spent handling password resets and account lockouts” (TechTarget).

“The recent Lapsis attack and other critical vulnerabilities like those of Print Nightmare have brought warnings even from the likes of the FBI regarding state-sponsored threat actors using exploits like multifactor authentication,” said Painter. Organizations of all sizes are vulnerable to these attacks, including Okta and Uber (CSO). Like most security measures, cyber attackers eventually find a way around them. Pivoting measures to the latest technology and tactics keeps your company safe and secure.

 

Follow us on social media for the latest updates in B2B!

Image

Latest

patient
Rebecca Interview: When Peer-to-Peer Reviews Stop Being About the Patient
December 2, 2025

Behind the sterile labels of “inpatient” versus “observation” care is a messy reality: clinicians and insurers often enter peer-to-peer reviews without a shared rulebook, turning what should be a clinical dialogue into a box-checking exercise. The speaker’s frustration points to a broader problem in U.S. healthcare utilization management—decisions about coverage can feel pre-decided,…

Read More
physician advisor
Navigating Payer Denials: A Physician Advisor’s Perspective #2
December 2, 2025

A physician advisor recently described a case that should unsettle anyone who cares about fair, clinically grounded coverage decisions: a Medicaid patient arrived comatose from an overdose, was emergently intubated, developed aspiration pneumonia, and stayed through three midnights before leaving against medical advice. By any bedside standard, this is acute, unstable care—exactly what…

Read More
Inside ERISA Denials: Why Employers May Be the Real Decision-Makers Behind Your Insurance Card
December 2, 2025

Insurance denials aren’t new, but they’re hitting a breaking point right now. As prior authorizations surge and patients face longer delays for everything from imaging to specialty drugs, more providers are realizing that the “payer” on the card often isn’t the one truly holding the reins. A growing share of Americans are covered…

Read More
Laying Out the Landscape in Today’s Patient Monitoring
Laying Out the Landscape in Today’s Patient Monitoring
December 2, 2025

More and more hospital environments rely on continuous, high-quality data to support faster clinical decisions, but much of today’s patient monitoring still varies widely by unit, device, and workflow. This episode kicks off a five-part Health and Life Sciences at the Edge series exploring The Future of Patient Monitoring. Intel’s Kaeli Tully, Solutions Engineer…

Read More
Related
SMB
Software & Technology
Big-Brand Marketing, SMB Scale: Start with Strategy, Build on Trust and Measure What Matters
October 22, 2025
Real-World Marketing
Healthcare
Human Skills Power Real-World Marketing in the AI Era
October 22, 2025

As marketing teams adapt to tighter privacy regulations, the decline of traditional ad tracking, and the rise of social commerce, the profession is navigating a period of rapid transformation. Generative AI, automation, and data-driven personalization are reshaping how brands communicate and compete. Amid these shifts, marketers and educators alike are reexamining the skills and values…

Read More
Axecessive Force
Healthcare
Breaking Things, Building Trust: How PayPal Powers Axecessive Force
October 14, 2025

In an age where experiences mean more than possessions, the rise of “active entertainment” has transformed how people unwind and connect. From axe-throwing to rage rooms, the thrill of safe destruction offers a therapeutic escape from daily stress. Yet behind the chaos of shattered glass and flying axes lies a precise operation — one…

Read More