Multi-factor authentication (MFA) recorded a considerable jump in 2023 even as remote access authentications fell drastically with return-to-office becoming the new reality, according to a Cisco report.
The report, which was based on data from 16 billion Duo authentications globally in 2023, spanned millions of browsers, endpoints, and phones across North and Latin America, Europe, the Middle East, and the Asia Pacific, according to the company.
âWeâre going to see this trend continue,â said Cisco Advisory CISO, Dave Lewis. âThe rationale really is the pandemic in many ways pushing global staff to work remotely. As attackers pivoted to this new reality, using new ways to trick people and give up passwords, organizations shifted focus to deploying MFAs efficiently as these are not quite as simple to compromise.â
Cisco acquired Duo in 2018 for $2.35 billion to help customers securely connect any user to any application on any network.
App-based authentication preferred
The report revealed that the number of MFA authentications using Duo rose by 41% globally, with Germany, Japan, and Brazil contributing the strongest tailwinds with 52.3%,28%, and 26.3% year-on-year growth respectively.
This was even though a considerable batch of global workforce returned to office last year and the remote access authentications fell to only 25% of all Duo authentications.
Duo Push, which uses app-based authentication, emerged as a strong authentication method as 91.5% of accounts enabled Duo Push as one of the authentication factors, accounting for over 3.2 billion authentications (21%). Duo push was preferred over legacy authentication methods such as SMS and phone calls (at 4.9% in 2023).
âI think itâs the pivot of people realizing that SMS-based authentication is easily compromised, and there’s a huge push by attackers to compromise SIM cards and be able to spoof those numbers and then, by virtue, be able to intercept SMS,â Lewis added.
Authentication failure and lacking policies raise concerns
Five percent of all measured authentications failed, with 28% of failures attributed to users not being enrolled in the system. This presents a very risky area opening up the scope for attackers to gain unauthorized access to sensitive data or critical systems, leading to data breaches, according to the report.
It was also observed that 96.4% of organizations have no policy related to location (allow, deny, or require 2FA), opening their networks to attacks through unauthorized cross-geography access.
âFundamentally, 96% of organizations overall don’t have any geographical based blocking whatsoever, meaning they have attackers from all of the planet,â Lewis added. âGeo-blocking has limited utility, but it does reduce a lot of the noise for many organizations.â
Despite heavy adoption, MFA was found to have lighter organization-wide deployments, which can lead to credential compromises, rendering the partial adoption counterproductive. The average company had 40.26% of accounts with either no MFA or a weak MFA 2.Â