Could Multi-Factor Authentication Have Prevented Some of the Fallout from Heartbleed?

Tags:
Authentication
Can preventative measures like multi-factor authentication protect end-users against identity theft and alleviate some of the fallout from security flaws like Heartbleed? What steps can enterprises take to protect themselves? Would a solution that provides session-based multi-factor authentication have helped?

Software/Hardware used:
SMS PASSCODE Version 7.0

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Kevin Beaver
    Of course, multi-factor authentication makes user accounts stronger and could help in such situations - assuming passwords are even exposed. There's no evidence that many were exposed across multiple websites in the case of Heartbleed - at least that I'm aware of.

    That said, if passwords are exposed, token-based multi-factor systems would be helpful. However, many "multi-factor" authentication systems I see still wouldn't be completely resistant to attack given their trivial second factor i.e. unique image or basic question such as what high school did you attend.

    Speaking of multi-factor, here's something called LatentGesture developed at Georgia Tech that might really change things up:
    http://www.news.gatech.edu/2014/04/07/personal-touch-signature-makes-mobile-devices-more-secure
    17,140 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following