While passwords are still the primary form of user authentication used to grant access to a company’s information systems, multi-factor authentication methods are being introduced, such as tokens. To ensure the proper usage of both, the following must be considered:
- Passwords must be carefully created and used.
- Tokens, hard or soft, must be handled carefully, with proper processes in place for replacements.
- Other multi-factor authentication methods, such as oob sms or email options, must be treated similarly.
Risks Addressed by Policy:
- Digital assets will be unsecure.
- Customer data can be easily hacked.