Adaptive authentication is a term that describes the ability to conduct a risk analysis for an attempted authentication and determine based on the analysis result whether to allow access or require additional verification from the requesting user. For example, adaptive authentication enables to replacement of constant MFA push notifications that can be disruptive to user experience and require MFA only when there is a suspected risk.
The parameters adaptive authentication takes into account vary, depending on the nature of authentication and the environment where it takes place, but would typically search for any anomalies – location, device, user behavior, and others.
The adaptive authentication risk engine is either a native part of the identity provider’s authentication mechanism or plugged into this mechanism by an external provider. That way or the other, the standard authentication flow is altered in the following manner:
Adaptive authentication is, in theory, the ultimate line of defense against identity threats that utilize compromised credentials to access target resources and should detect the various anomalies such malicious authentications entail.
Within a SaaS environment, adaptive authentication can detect when an authentication attempt takes place from impossible locations or when simultaneous logins occur – clear indications that the authenticating user is not the legitimate one and that the user’s credentials were compromised.
However, the AD environment doesn’t support any type of adaptive authentication. There is no way to add a risk analysis part to NTLM and Kerberos authentication flows.
This creates both a detection and prevention gap since any attacker that has compromised the valid credentials of legitimate users can authenticate with them to access workstations, servers, and on-prem applications at will. This gap enables lateral movement and ransomware spread attacks to thrive without disruption. Learn how Silverfort solves this problem.
Adaptive authentication is a method of authentication that uses multiple factors to determine the level of risk associated with a given login attempt. The four main types of adaptive authentication are:
Adaptive authentication often combines multiple types of authentication methods together to improve security and reduce the risk of unauthorized access.
AAA is a framework that describes the process of verifying the identity of a user or device and then granting or denying access to network resources based on that identity.
AAA framework is commonly used in networking and security protocols to provide centralized authentication, authorization and accounting services.
Adaptive authentication is a method of authentication that uses multiple factors to determine the level of risk associated with a given login attempt. It works by assessing the user’s identity and the context of the login request, and then applying different levels of authentication based on the level of risk. The process typically works as follows:
Adaptive authentication strikes a balance between security and user convenience. It allows organizations to protect their resources and data by applying stronger authentication methods for high-risk login attempts, while still providing a smooth and convenient login experience for low-risk attempts.