OM-BP-0009: Use robust factors for MFA (Best Practice)

ID

OM-BP-0009

Name

Use robust factors for MFA

Status

Active

Version

1.0

Best Practice

Do not use SMS or voice as a second factor for MFA. Use an authentication app or a physical token.

Rationale

Bad Practices

  • Use SMS or voice as a second factor for MFA.

Implementation Details

Quotes

Adopt MFA

Multi-factor authentication can stop credential-based attacks dead in their tracks. Without access to the additional factor, the attacker can’t access the account or protected resource. MFA should be mandatory for all admin accounts and is strongly recommended for all users. The preferred method is to use an authenticator app rather than SMS or voice where possible.

(https://open-measure.atlassian.net/wiki/spaces/BIB/pages/794263553, p. 73)

Bibliography




This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.