Premiere: 4/15 12:40 - 13:10 

Replays: 4/15 18:40 - 19:10, 4/16 00:40 - 01:10

Multi-Factor Authentication (MFA) has long been considered an effective defense against account takeovers. However, with attackers developing automated tools to bypass MFA, relying solely on MFA is no longer sufficient. This session will explore the limitations of MFA and why a more comprehensive security strategy is essential to mitigate account compromise risks.

The presentation will cover the latest trends in MFA bypass attacks and analyze common techniques such as Pass-the-Cookies, push notification fatigue attacks, malware-based attacks, brute force, and adversary-in-the-middle (AiTM) attacks. To effectively counter these threats, organizations must go beyond traditional MFA and integrate technologies like artificial intelligence, machine learning, and behavioral analytics.

Additionally, implementing adaptive access controls, conducting regular security awareness training, and adopting a layered defense strategy are crucial to strengthening overall security. This session will provide insights into building a more resilient authentication framework to protect against evolving threats.