Two-Person Authentication: Strengthening the Weakest Link in Cybersecurity

Two-Person Authentication: Strengthening the Weakest Link in Cybersecurity(techbreakdowns.com)

2 points by ashjanderson 2 years ago | 2 comments

stop50 2 years ago |

To be frank: the company im working for as an external already does this. this is the flow: 1. I call the hotline and give them my username 2. They ask me an security question, if set in an special portal(i can set any question as long the answer is long enoigh and can be spoken) 3. they contact the manager if the question was not set. He gets an word that acts like the answer for the security question.

ashjanderson 2 years ago | |

Most of the typical things we turn to for security questions _could_ be easily figured out if you were the target in an attack.

I guess what I believe should happen is #3, always. This second person is more likely to spot when something is awry with the request.