One of the forms of multifactor authentication that can pose a threat to companies are USB drives. Using a USB drive as a password is very similar to the use of Smart Card Technology. When a user wants to access their company computer, the USB drive is inserted and a pin number is entered.
Using a PIN number drastically decreases the entropy of a password. A password and PIN number are essentially the same thing. With shorter passwords and less character sets (like a PIN), the chances of a hacker cracking your passwords and breaching your network is much higher.
Besides the previously mentioned threat, let’s think about the size of a USB drive, where do you store it? Most USB drives are anywhere from one to three inches long. Furthermore, most USB drives do not have hooks to clip to key chains. USB drives are placed in the pockets of jackets, dress pants, and other similar places. Think about this for a moment – the USB drive that locks and unlocks our computer we knowingly keep in not secure places with the chances of being lost, misplaced, or stolen.
If you have any questions about creating a strong password policy for your organization, please do not hesitate to e-mail us at [email protected] Someone on the nFront team will be happy to discuss your options.