Multi-Factor Authentication (MFA) is one of the most powerful security controls in existence. At WatchGuard, we believe that strong authentication is the cornerstone of security, which is why it’s so encouraging to see MFA beginning to become increasingly common in everyday products and services. So, what happens when one Apple customer decides to file a class action lawsuit against Apple based on its approach to two-factor authentication (2FA)? Security experts scratch their heads!
In his latest column for Forbes, WatchGuard CTO Corey Nachreiner examines the lawsuit to lay out this user’s reasons for suing Apple, why many of the objections are misguided and why convenience shouldn’t be prioritized over security best practices. Here’s a brief excerpt from the article:
“Like the seatbelts in our cars, MFA is a useful feature we all should use, even if it takes a bit more time. After all, this extra time adds security. Furthermore, when implemented well, MFA can be quick and easy. New MFA solutions sometimes don’t require passwords, and they allow you to authenticate just by checking your phone and pressing “approve.” Futuristic solutions are even moving toward risk-based authentication, where you may not authenticate at all until the system detects a risky action. In the end, even the most difficult MFA method is worth it compared to the time, data and money you risk losing without multiple factors of authentication.
This frivolous suit does a disservice to everyone’s cybersecurity, and I hope it gets thrown out of court.”
For more details on the plaintiff’s issues with Apple MFA, and Corey’s defense of widespread MFA use, you can read the full article on Forbes. Check out the results of WatchGuard’s survey on password practices and the current state of MFA here, and learn more about AuthPoint, WatchGuard’s cloud-based MFA solution here.