The number of credential harvesting breaches that could have been prevented by enabling two-factor authentication (2FA) is staggering. Verizon’s 2017 Data Breach Investigation report indicates that 81% of hacking-related breaches leveraged either stolen and/or weak passwords. Yet less than 10% of Gmail users enable two factor authentication and less than one-third of people use 2FA. For companies that are required to comply with PCI, HIPAA, GDPR, etc. enabling 2FA could mean the difference between a failed hacking attempt or being subjected to substantial fines and penalties.
