The general consensus appears to be that two-factor authentication (2FA) is the answer to our authentication needs. Be that from usage of consumer sites in our personal lives or as part of our daily requirements when signing into enterprise infrastructure and applications at work. However the cyber-attack on Three's customer upgrade database is yet another example of how 2FA is not enough. Organizations must move away from relying solely on usernames and passwords, as once again access was gained with a stolen employee login. The misuse and abuse of systems using username and password alone is now so common that… [Continue Reading]