Finding the Cracks in the Wall - The Hazard of Single Authentication Factor


The use of authentication factors, one of the most fundamental and well understood concepts in information security, enables secure access to applications, services, and networks. It can also affect an enterprise's security posture, however, as the drastic increase in data breaches and system attacks is largely based on compromised authentication.




Authentication factors are classified as follows: "something I know," "something I have," or "something I am." For example, the most common factors in real life are website credentials as the something I know, mobile fingerprint authentication as the something I am, and a hardware security key as the something I have.


The most prevalent authentication method is user credentials, also known as username and password, which represents something we know. Credentials are commonly used to authenticate access to any online service, from accessing bank accounts or buying from an online retailer to accessing our company network. As credentials became more widely used, the attacks to steal or abuse this authentication method also increased and evolved. Most noticeable are credential abuse attacks, which use stolen credentials to try to compromise accounts and rely on users' frequent habit of reusing their credentials on different services.


The significant increase in data breaches we have seen over the past several years was primarily driven by stolen or compromised credentials. Compromised credentials provide threat actors the ability to launch internet-wide credential abuse attacks to hunt for accounts that are being accessed using the same credentials.


The amplification impact of these attacks is achieved by the use of dedicated tools that can be customized to the targeted login interface an ..
