Reply to post: Multi-factor authentication is no panacea

Uni sysadmins, don't relax. Cybercrooks are still after your crown jewels, warns NCSC

dwm

Multi-factor authentication is no panacea

Phishing is highly effective against most organisations, not just universities. Email tools are notoriously difficult to operate safely, and MFA is not a panacea—if an attacker can lure a user to a fake login page under their control, they can MITM most MFA options and still gain access to the user's accounts.

Hardware tokens such as Yubikeys can be proof against such things, but procuring tens of thousands of these is hideously expensive, and has historically presented compatibility problems with common end-user devices.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022