You might have found this page when searching for a login for your board portal. Have you ever thought about how easy it is for others to find the same page that you were looking for and how you can make sure they don’t get any further? The login page is the front door to your commercially sensitive documents so let’s look at ways of making sure it stays shut to unauthorised visitors.

Username – Password Pair

By far, the most commonly used method used for any sort of authentication procedure, due to its simplicity. Users are simply required to present a username, usually their email, and a corresponding password to verify their identity and gain access to their accounts.

Unfortunately, given its popularity, there is incentive to try and break this system and as a result, plenty of passwords have been breached and are widely available in numerous data leaks. To alleviate password fatigue, many users end up using the same password for all their accounts, despite strong advice from the InfoSec community. As such, these accounts are easily breached using leaked information and a username – password pair no longer provide the security it once did.

If this is no longer sufficient, for your Board Portal Log in, then what can we do?

The alternatives – Biometrics and Single Sign-On (SSO)

  • Biometrics – A simple yet convenient alternative to using a password. Biometric authentication is the use of either fingerprint scanning or facial recognition software to authenticate a user. Biometrics are inherently difficult to steal as it is part of your physical identity. There were once security risks and concerns with spoofing, however, methods used and the introduction of AI for the processing of biometrics have greatly improved our ability to accurately verify an identity. Using this solution, you can use Face ID for your Board Portal Login
  • Single Sign-On (SSO)A very close brother to the traditional username – password pair widely used. Although functionally identical to the former, SSO allows for users to authenticate to various different applications using a single account. The added benefit of this means that users are only required to remember a single password and as such do not suffer from password fatigue. As a result, users are also more likely to use a stronger and less guessable password. Furthermore, any signs of compromise or breach will mean that only a single account will have to be locked and a single password changed to prevent unauthorised access to all associated applications at once. Using SSO you can log in to your Board Portal using Microsoft Azure or an Identity and Access Management tool.

Extra Security – Multi-factor Authentication (MFA)

In addition, one could opt to further secure your Board Portal Log in through the use of multi-factor authentication.

  • Device RegistrationSome applications give you the ability to register or associate a device with your login. A typical implementation of this would require an unregistered device to produce additional verification before access is granted. Registered or previously verified devices are allowed to log in without any additional challenged.
  • One-time Passwords (OTP) – Securing your Board Portal Login account using this method will typically require you to enter a short one time use password (typically 6 digits) to complete the login process. The two most commonly used method of delivery/generation is through SMS, where the OTP is delivered to a registered phone number or through the use of an authentication app (Eg. Google Authenticator) where the OTP is generated based on the current time.

 

Convene offers multiple ways of making your Board Portal Login secure which means you can combine a Password Pair with another layer such as Biometrics. If you want to find out more visit our security page or contact us for a discussion with a security expert.

 

Dheng Siah

Written by Dheng Siah

IT Security Engineer at Azeus UK LTD

Subscribe to the Convene blog to get regular tips and updates on Governance and Digital Transformation!