While organizations should definitely try to increase the penetration of multi-factor authentication (MFA) and password-less authenticators across their systems, in the meantime they should do what they can to improve the security of their existing credential systems. One thing to keep in mind is that a lot of new research and guidance in the last few years has changed industry consensus as to the best way of doing this.

Read full article on Dark Reading