Internet security specialists KnowBe4 has rolled out a new multi-factor authentication (MFA) tool aimed at advising security professionals when developing their strategy.
The complementary tool, titled the Multi-Factor Authentication Security Assessment (MASA), is a survey-based tool that questions security professionals about how their MFA solution operates.
MASA then collects the answers, determines what risks may be present and then generates a summary report that highlights the “specific risks” that the given MFA solution has.
The solution then offers further practice information and recommendations on how to better your current state of defence.
“Implementing MFA is usually a security improvement over single-factor authentication, however, like any security solution, it’s still hackable,” commented Roger Grimes, data-driven defense evangelist, KnowBe4.
According to Deloitte’s Addressing Cyber Threats: Multi-Factor Authentication for Privileged User Accounts report, 48% of cybersecurity breaches are not preventable by strong multi-factor authentication, leaving the MFA open to be hacked.
The solution was authored by Grimes, who possesses over 30 years of experience in computer security.
He concluded: “This new tool is intended to assist organisations in their overall security program analysis by revealing how MFA can be maliciously hacked in a number of ways.
“By providing security professionals with this information, we hope to better inform them of the decisions they make when it comes to security.”
Multi-factor authentication in Europe has become mandatory for certain transactions following the implementation of PSD2, SCA and 3DS2 in September.