

Okay, before I get into the details of this article, I know I have written about Zero Trust Network Access (ZTNA) and how it is a better method to use for secure remote access. I still believe that; however, I do acknowledge that in some cases, users may not have all of the components for ZTNA and may want other options for securing their remote access. I recently received two inquiries asking for guidance on how to leverage certificates with username and password. Funny enough, this was a feature enhancement I submitted earlier in my career and I am happy to learn that it was implemented at some point in time.

It is a security best practice to have multiple factors of authentication. Typically a factor of authentication boils down to one of the following:

Something you have (token or certificate).

The vast majority of users use a password to secure their access to their resources. The problem with this is that many users choose an insecure password and leverage the same password for a long period of time. This makes their remote access susceptible to malicious users compromising their accounts and accessing their resources from any machine. To combat this and subsequently only allow access from the user’s machine, an additional factor of leveraging a certificate can be required by their remote access solution. Hence the name, two factor, because now the solution requires something the user knows (password) and something the user has (a certificate on the machine).

There are plenty of primers online about X.509 and how certificate authentication works.
