most used passwords still “12345” and “password”, keep you private data as save as enterpises

secure authentification needs to be smart

sms

short message service is the most convinat second factor, but sms is insecure and can be intercepted – major us carriers working together on next-gen ‘mobile authentication platform’ to replace weak sms system

mobile id

is a more secure service, based on certificates and secured with a seperat pin – special sim needs to be provided form the carrier @mobileid

id card

electronic id function of the german passport to secure authenticate at public services, insurances or banks – registred to you secured with a pin – you need a card reader or app @personalausweisportal

oath

is an open standard that allow strong authentication of all users on all devices – no need to send or her intercepted with man in the middle (mitm) attack, code ist calculated in an app – get code right at your smartwatch or backup you accounts with andotp

update: since ios12 and macos 10.14 it is possible to configure oauth in exchange payload via emm, read detailed at: apple’s configuration profile reference

pointsharp

provides secure login with multi-factor authentication to enterprise alliances or cloud services – use pointsharp passwort for mobile services, instead of windows accounts – login with scratch cards, hardware token smartwatch, biometrics or one-time pin

fido

an alliance to provide passwordless experience and a secure second factor – a hardware device ensure the trust of identity @fidoalliance.org

microsoft announced “password-less sign-in to windows 10 & azure ad using fido2” @blog.microsoft

cloud

casb (cloud access security broker) check access based on security policy infront a a cloud service

iam (identity access management) manage user identities centralised, provide role-based access

emm alone can’t prevent users from accessing cloud services via unmanaged apps or browsers. neither iam nor casb have the visibility or ability to allow or deny access to a cloud service based on the state of the mobile device or application. @mobileiron

be safe – review here for list of websites and whether or not they support 2fa