Secure passwords

With this method, users are required to enter a unique password that has been previously created and associated with their account.

Passwords are vulnerable to attacks if not properly managed. Attackers can easily crack passwords that are weak or easy to guess. Common methods for cracking passwords include brute-force attacks, dictionary attacks, and social engineering.

To mitigate these risks, users must create strong passwords that are difficult to guess, using a combination of uppercase and lowercase letters, numbers, and special characters. Passwords should not be reused across different accounts.

Multi-factor authentication (MFA)

MFA can also be implemented as an additional layer of security beyond passwords. MFA combines something the user knows (such as a password) with something they have (such as a smartphone or token).

The problem is that it is very difficult for users to create unique and strong passwords for all applications they use, so they tend to use the same password on multiple sites and in most cases, they are not even aware if their password is in a leaked set of passwords.

Even though we understand that passwords are the most accepted solution today, we still recommend using any other method to identify users.

Breached Password Detection

One of the most common type of cyber attacks are credential stuffing. These attacks use the fact that most users tend to reuse passwords in multiple accounts. If that credential are leaked, attackers will try it out on other sites to compromise an account. To increase the security for your users, Authway has support for detecting when a breached password is used.