Strong Passwords and MFA : It’s All About the Bots

Robbie the Robot from movie Forbidden Planet

You may have noticed that more online services are requiring strong passwords – cryptic phrases or letter combinations along with symbols and numbers – and Multi-Factor Authentication (MFA). The goal is to keep services more secure than a simple password allows.

These service providers have recognized that their services are far more secure when the user has to prove they are who they are, and prove it in more than one way. A password plus a special code texted to your phone, or maybe an email to your backup email account are examples of MFA. This means that the password alone isn’t good enough to gain access; the user must satisfy an additional challenge to confirm their identity.

Why is this additional level of account security a good idea? BOTS, that’s why.

A bot is a software application that is programmed to do certain tasks. Bots are automated, which means they run according to their instructions without a human user needing to start them up. Bots often imitate or replace a human user’s behavior. https://www.cloudflare.com/learning/bots/what-is-a-bot/

Bot (like roBOT) does what you tell it. Give it instructions and it runs. Give it some rules to follow and actions to perform when certain conditions are met and off it goes.

The problem with bots is that not just the good guys use them. Bad guys use them… a lot.

Bots can send emails, engage in chats and help you reset your password. They can also carry out cyberattacks at a pace that no human could match. Bots will search for public IP addresses, they’ll pummel an address with intrusion attempts and logins and may keep trying until they’re either successful or they give up. Bots are very good at brute force, because they have all the patience they need. It’s software, so it doesn’t get tired or bored and it can be programmed to not give up.

This is among the reasons for Noobeh’s strict password policy and why we strongly recommend our clients don’t store their passwords to make connecting to the service faster and simpler. Fast and simple is good but not where security is concerned. Our goal is to not only keep your applications and data available for anytime/anywhere access, we want to keep your cloud environment secure and as safe as possible.

Contact us today to get the cloud hosting platform your business needs, along with the privacy and security features the Microsoft Azure platform can provide. Keeping your systems secure isn’t just about keeping your secret password a secret. It’s about putting in place the best methods possible to ensure that your account doesn’t get compromised because a bot guessed your pet’s name.

Make Sense?

J