Freely subscribe to our NEWSLETTER

Niall McConachie, regional director (UK & Ireland) at Yubico, comments on how organisations and individuals can improve their data security practices with passwordless authentication:

“Phishing remains the most prevalent attack method due to its relatively low cost and high success rate, and the advancements of AI now only furthers this problem. Unfortunately, organisations aren’t doing enough to upgrade the cybersecurity tools and methods used to protect their staff and customers. As the rate of sophisticated phishing attacks continues to rise, Data Protection Day highlights the critical need for modern, phishing-resistant authentication from businesses and individuals to stay secure.

“It’s clear that traditional username and passwords are no longer sufficient for keeping data secure – but they unfortunately remain one of the most widely used forms of authentication globally. In fact, recent research** has found that 53 percent of employees still use usernames and passwords to authenticate business accounts, putting not only their personal data at risk of phishing attempts but also their organisations’. This can lead to significant reputational and financial damage.

“Basic username and password authentication alone is too easy for attackers to circumvent, allowing unauthorised access to online accounts and personal data. Once a password is stolen, cyber criminals can successfully bypass many forms of legacy multi-factor authentication (MFA) such as SMS-based one-time passcodes (OTPs).

“Reliable protection from modern cyber threats requires modern, phishing-resistant MFA such as hardware security keys, which can stop attacks by requiring something you know (a pin) and something you have (a security key) to insert into the device and physically touch it to gain access to accounts. Using this method of authentication is key in protecting personal data from attacks like phishing.”