Should We Be Rethinking Multifactor Authentication?

AP
Aaron Painter
Oct 3, 2022
Learn more

KEY POINTS:

KEY POINTS:

  • Attacks exploiting multifactor authentication are on the rise.
  • Using MFA fatigue, attackers successfully breached Uber and Okta.
  • Security measures like authentication with biometrics and passwordless logins mitigate risk.

Power in Passwordless: Rethinking Multifactor Authentication After Increase in Attacks

It’s easy to imagine – your work email prompts a sign-in approval on your phone before you have access. It seems secure, right? One day, you get a prompt while off work and are not logged in to your email. You deny it. It comes up again and again. Each time, you’re careful to deny the request. Let’s say the notifications continue – relentlessly. In this attack, it’s common for users to become careless and accidentally give attackers an opening. The technique is called MFA fatigue or prompt bombing (Tech Target), and there’s been an influx of these attacks.

“Professionals are abuzz on one topic – the failure of multifactor authentication or MFA, as it is commonly known,” said Aaron Painter, CEO, Nametag. MFA has been a part of directives and advice in improving security for digital account access for the last few years. “Recent security breaches at a host of companies, most recently at Uber, have pointed to the rise of what’s known as MFA fatigue,” said Painter.

There are a handful of security measures available to mitigate these attacks. Consider a safety net that locks accounts with multiple attempts within a short time. This measure prevents users from experiencing fatigue. Alternatively, professionals suggest one-time passwords. This step is a higher assurance of factors. “It turns out that adding more factors of authentication to passwords isn’t the right answer. Perhaps the solution is that we need better factors,” said Painter.

Microsoft recommends passwordless solutions, which effectively defend against this and more advanced adversary-in-the-middle attacks (Bleeping Computer). Another source, TechTarget, also suggests adopting a passwordless solution. “Passwordless authentication removes passwords from the process, which can drastically reduce risk.” Other passwordless solutions use biometrics for authentication. Apple and Google’s Face ID exemplifies biometric confirmation. “Plus, passwordless authentication reduces friction and improves UX. It also increases the efficiency of IT and security operations, reducing the amount of time and effort spent handling password resets and account lockouts” (TechTarget).

“The recent Lapsis attack and other critical vulnerabilities like those of Print Nightmare have brought warnings even from the likes of the FBI regarding state-sponsored threat actors using exploits like multifactor authentication,” said Painter. Organizations of all sizes are vulnerable to these attacks, including Okta and Uber (CSO). Like most security measures, cyber attackers eventually find a way around them. Pivoting measures to the latest technology and tactics keeps your company safe and secure.

 

Follow us on social media for the latest updates in B2B!

Image

Latest

IP110H
From Hospitals to Warehouses, the IP110H Keeps Your Team in Sync
February 5, 2026

Icom’s IP110H is a compact, license-free WLAN radio built to keep teams talking—clearly and instantly—over an existing wireless network. Designed for environments like hospitals, hotels, warehouses, and tunnels, it delivers real-time, full-duplex voice using Icom’s advanced IP radio system. From Bluetooth capability to USB-C charging and a sleek, pocket-friendly design, the IP110H feels modern,…

Read More
IP501H
The IP501H Brings Effortless, Wide-Area Communication to Your Team
February 4, 2026

Meet the IP501H, a cellular two-way radio built for instant wide-area communication over LTE (4G) and 3G networks. It works just like a traditional radio—supporting individual, group, and all-call conversations—without the need for repeaters or a dedicated IP network. With everything included in the box, the IP501H is designed for quick setup and fast…

Read More
IP730D
One Radio, Three Networks, Seamless Coverage: Meet the IP730D
February 4, 2026

The IP730D is a true game-changer in professional communications, blending LTE, IDAS, and analog networks into one powerful hybrid radio. Designed for flexibility and confidence in the field, it uses dual PTT buttons to let users transmit and receive across networks seamlessly—delivering reliable, wide-area coverage wherever it’s needed. From the moment it comes out of…

Read More
IP-M60
One Device, Two Networks: Meet IP-M60, the World’s First LTE and VHF Marine Hybrid Transceiver
February 4, 2026

The IP-M60 sets a new standard in marine communications by bringing LTE and VHF into a single, purpose-built hybrid transceiver. It uniquely combines a traditional VHF marine transceiver—relied on worldwide for maritime safety—with LTE connectivity for long-range, land-based communication within cellular coverage. By uniting these two networks in a single handheld device, the IP-M60…

Read More
Related
Energy
Software & Technology
Buy, Build & AI: Your New Software Strategy for Energy Leaders
February 3, 2026
AI in energy
Healthcare
May the Agentforce Be With You: AI in Energy Services
February 3, 2026

Generative AI has moved past being a shiny demo and into the messy reality of enterprise operations—where data lives in different systems, customers expect instant answers, and security teams (rightfully) say “prove it.” In energy services specifically, even small efficiency gains matter: many retail energy providers operate on thin margins, and operational blind spots—billing…

Read More
Energy billing
Healthcare
Nightmare on Revenue Street: Energy Billing Edition
February 3, 2026

Energy billing is one of those things most people only think about when something goes wrong—an unusually high charge, a missing bill, a surprise shutoff notice, or a rate plan that suddenly doesn’t make sense. With smart meters, more complex pricing options, and different rules in regulated vs. deregulated markets, even a small breakdown…

Read More