A company’s executive team is worried about someone logging into its cloud portal with a stolen credential. They ask for an extra safeguard that still allows efficient logins for administrators. Which measure is most suitable?
Apply daily password updates to accounts
Enable multifactor login using time-based codes
Use one public key shared across administrators
Set an IP-based restriction for each user to one internal address
Enabling multifactor authentication (MFA) with time-based codes ensures that a stolen password alone is insufficient for unauthorized access. An attacker would also need the additional factor and would be blocked otherwise. IP-based restrictions alone do not address overlooked internal threats or address situations where the source IP is easily spoofed. Forcing daily password changes can encourage weak practices instead of strengthening defenses. Sharing one public key introduces a single point of failure that compromises every account if the key is discovered.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is multifactor authentication (MFA) with time-based codes?
Open an interactive chat with Bash
Why is IP-based restriction not sufficient for securing cloud portals?
Open an interactive chat with Bash
How could daily password changes weaken security practices?