{"id":90683,"date":"2020-03-05T09:00:06","date_gmt":"2020-03-05T17:00:06","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=90683"},"modified":"2023-05-15T23:04:19","modified_gmt":"2023-05-16T06:04:19","slug":"it-executives-prioritize-multi-factor-authentication-2020","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/","title":{"rendered":"IT executives prioritize Multi-Factor Authentication in 2020"},"content":{"rendered":"<p>In 2020, many IT executives will roll out or expand their implementation of Multi-Factor Authentication (MFA) to better safeguard identities. This is one of the key findings of a survey conducted by Pulse Q&amp;A for Microsoft in October 2019.<sup>1<\/sup> Specifically, 59 percent of executives will implement or expand MFA within three to six months. Another 26 percent will do so within 12 months. These executives are initiating these projects because they believe that MFA provides better security preparedness. They\u2019re right. MFA, which requires that users authenticate with at least two factors, can reduce the risk of identity compromise by as much as 99.9 percent over passwords alone.<\/p>\n<p>Protecting identities is vital to cybersecurity. Bad actors use compromised identities to gain a foothold in an organization, avoiding detection for an average of 100 days.<sup>2<\/sup> Historically, organizations have relied on passwords to safeguard identities, but passwords alone aren\u2019t enough. Eighty percent of hacking related breaches can be attributed to weak or compromised passwords, according to Verizon\u2019s 2019 Data Breach Investigations Report. MFA reduces risk because it\u2019s significantly harder to compromise two or more authentication factors.<\/p>\n<p>Beyond passwords, there are several different authentication factors that organizations can implement to better protect their identities. Basic MFA augments passwords with SMS, one-time passwords (OTP), and codes generated by a mobile device. Strong MFA utilizes high assurance factors such as FIDO security keys and smart cards to authenticate users. Fingerprint scans, facial scans, and other biometrics are secure authentication methods that can simplify sign-in for users. Sixty-four percent of the executives in the survey use basic MFA. Forty-three percent use strong MFA. Biometrics was cited by 11 percent of respondents.<\/p>\n<p>But things are changing fast. Ninety-one percent of executives plan to evolve their MFA implementation in the coming year. Twenty-two percent want to move to strong MFA. Another 13 percent will migrate toward biometrics. Better security is the primary driver of these changes.<\/p>\n<p>2020 is the year to prioritize MFA. You can significantly reduce your risk of identity compromise by augmenting or replacing passwords with other authentication factors. <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/azure-active-directory-identity\/flash-whitepaper-why-mfa-is-a-top-priority-in-2020\/ba-p\/1194467\" target=\"_blank\" rel=\"noopener noreferrer\">Learn how organizations<\/a> are using MFA.<\/p>\n<p>&nbsp;<\/p>\n<p><em><sup>1<\/sup>Pulse Q&amp;A Inc. conducted research for Microsoft in October 2019 with 100 Security and IT executives in North America representing 17 industry sectors.<\/em><\/p>\n<p><em><sup>2<\/sup>The median number of days an organization is compromised before discovering a breach in 2017 is 101 days in comparison to 99 in 2016. Source: FireEye M-Trends 2018 Report<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.<\/p>\n","protected":false},"author":96,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_force_push":false,"ms_queue_id":"","ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"content-type":[3662],"topic":[3673,3678],"products":[],"threat-intelligence":[],"tags":[3822,3823],"coauthors":[2153],"class_list":["post-90683","post","type-post","status-publish","format-standard","hentry","content-type-news","topic-identity-and-access-management","topic-multifactor-authentication","tag-microsoft-security-insights","tag-password-protection"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>IT executives prioritize Multi-Factor Authentication in 2020<\/title>\n<meta name=\"description\" content=\"We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"IT executives prioritize Multi-Factor Authentication in 2020\" \/>\n<meta property=\"og:description\" content=\"We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-05T17:00:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:04:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Melanie Maynes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Melanie Maynes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/melanie-maynes\/\",\"@type\":\"Person\",\"@name\":\"Melanie Maynes\"}],\"headline\":\"IT executives prioritize Multi-Factor Authentication in 2020\",\"datePublished\":\"2020-03-05T17:00:06+00:00\",\"dateModified\":\"2023-05-16T06:04:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\"},\"wordCount\":396,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"keywords\":[\"Microsoft Security Insights\",\"Password protection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\",\"name\":\"IT executives prioritize Multi-Factor Authentication in 2020\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"datePublished\":\"2020-03-05T17:00:06+00:00\",\"dateModified\":\"2023-05-16T06:04:19+00:00\",\"description\":\"We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"IT executives prioritize Multi-Factor Authentication in 2020\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"IT executives prioritize Multi-Factor Authentication in 2020","description":"We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/","og_locale":"en_US","og_type":"article","og_title":"IT executives prioritize Multi-Factor Authentication in 2020","og_description":"We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/","og_site_name":"Microsoft Security Blog","article_published_time":"2020-03-05T17:00:06+00:00","article_modified_time":"2023-05-16T06:04:19+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png","type":"image\/png"}],"author":"Melanie Maynes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Melanie Maynes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/melanie-maynes\/","@type":"Person","@name":"Melanie Maynes"}],"headline":"IT executives prioritize Multi-Factor Authentication in 2020","datePublished":"2020-03-05T17:00:06+00:00","dateModified":"2023-05-16T06:04:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/"},"wordCount":396,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"keywords":["Microsoft Security Insights","Password protection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/","name":"IT executives prioritize Multi-Factor Authentication in 2020","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"datePublished":"2020-03-05T17:00:06+00:00","dateModified":"2023-05-16T06:04:19+00:00","description":"We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/03\/05\/it-executives-prioritize-multi-factor-authentication-2020\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"IT executives prioritize Multi-Factor Authentication in 2020"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/90683","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=90683"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/90683\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=90683"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=90683"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=90683"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=90683"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=90683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=90683"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=90683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}