Insiders of companies mandated to use best practices. Client login usually falls short.
Across multiple types of business, from banking to web-only stores, a common practice I see is that the business goes to great lengths to secure itself. This includes physical access and digital access. I often ask them how they are truly helping their client login have the same level of security for their digital accounts. The answer is usually that they hope and pray the customer is using a “strong password”. Then maybe they have opted for offering Two-Factor Authentication (2FA, MFA).
Client-facing login:
They all agree the client-facing login lacks the ability to provide the same level of security, and this has become one of the toughest hurdles to overcome. The necessity for a simple user experience has far outweighed the need for a secure login. However, recent events are forcing businesses to create cumbersome client logins to authenticate an individual before they can be authorized to do anything beyond the front door.
When it comes to the internal access points for banks, digital agencies, or large corporate entities, the issue becomes accessibility from various locations or situations. Most have the critical data locked down within a certain environment. The challenge is that customers and third-party applications need to be able to access the data from outside the locked-down “intranet.”
The reigning champ for inherent risk to these access points is still the username and password set of credentials.
Most of the solutions currently targeting this issue have just added layers of tasks to the login process in an attempt to eliminate the bad actors. These range from RSA one-time passwords (OTP) to physical tokens (YubiKey, Titan key), which to be effective need to be removed from the device when not in use. Another method is adding mobile apps with OTP.
None of these solutions remove the core issue and frustration of usernames and passwords. This led to the evolution of the Password Vault. Using these vaults has made life easier for us, so we don’t have to remember our usernames and passwords – the system just auto-fills or stuffs them in for you (the same thing that hackers do when they acquire your credentials from a breached site).
So back to the question – how do we not only help protect the insiders at a bank or corporation, but also Simplify and Secure the login for external users?
Answer – replace the client login with Secure Login by TraitWare
Also see this recent article by Joe Casabona titled “Clients mess everything up,” on why we need to help the client and consumer do better.