When you extend the use of identity management to access control, you want to enable your customers to take care of their credentials and offer additional security measures. Technology executives view the vulnerability of passwords as a top concern. Some recommendations to protect customer authentication are:
Demand a strong password
Many users are tempted to reuse passwords across different sites and apps, simply because remembering a different password for each one is too hard. Many don’t realise that when one site is compromised, passwords can be discovered and then used elsewhere. The first line of defense against cyber attacks is demanding strong passwords. Ask for more characters and encourage the use of unusual characters.
Offer multi-factor authentication
Multi-factor authentication has been a top priority for enterprise web access and is becoming so for consumer access control. Allow users to choose the types of factors that work best for them and provide options for reducing sign-in friction, such as “remember me on this machine”, so that users are only prompted when signing in from an unknown device. Also, only ask for additional factors when the risk and potential revenue loss are high. Multi-factor authentication not only provides an extra layer of security beyond a strong password, but also gives users the freedom to customise their platform experience without compromising identity security.
Alert on suspicious logins
Provide feedback to users about unexpected use of their credentials. When your systems detect a login from an unexpected location or from an unexpected device, send a note alerting the user to the activity and ask them to verify it and, if necessary, renew their password.
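
The sketch below is an added example, not code from the original page. It shows how the "prompt only on an unknown device" rule and the suspicious-login alert can share one check. The Profile model, function names, and sample logins are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Profile:
    """What the service has learned about one customer (hypothetical model)."""
    devices: set = field(default_factory=set)    # devices the user chose to remember
    countries: set = field(default_factory=set)  # locations of past verified logins

def assess_login(profile, event, high_risk_action=False):
    """Return (require_mfa, reasons) for a login whose password already checked out."""
    reasons = []
    if event["device_id"] not in profile.devices:
        reasons.append("unexpected device")
    if event["country"] not in profile.countries:
        reasons.append("unexpected location")
    # Prompt for an extra factor only when something is unfamiliar or the stakes are high.
    return bool(reasons) or high_risk_action, reasons

def record_verified_login(profile, event, remember_device):
    """Call only after every required factor passed, so a stolen password
    alone can never teach the profile an attacker's device or location."""
    if remember_device:
        profile.devices.add(event["device_id"])
    profile.countries.add(event["country"])

def alert_message(user, event, reasons):
    """Text of the note sent to the account owner; empty string when nothing is unusual."""
    if not reasons:
        return ""
    return (f"Hi {user}, we saw a sign-in from {event['country']} on device "
            f"{event['device_id']} ({', '.join(reasons)}). If this was not you, "
            "change your password now.")

# Constructed sample data, not taken from any real system.
ALICE = Profile(devices={"laptop-1"}, countries={"NL"})
USUAL = {"device_id": "laptop-1", "country": "NL"}
ODD = {"device_id": "phone-9", "country": "BR"}

if __name__ == "__main__":
    for ev in (USUAL, ODD):
        mfa, why = assess_login(ALICE, ev)
        print(ev, "-> MFA" if mfa else "-> no prompt", alert_message("alice", ev, why))
```

Updating the profile only after the extra factor succeeds is what keeps "remember me" from becoming a bypass: an attacker who knows the password but fails the second factor stays unfamiliar on every attempt.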