Improving Security Measures: The Importance of Multi-Factor Authentication and Data Encryption

Painful mistake, but okay, shit happens, I don’t really blame Ubiquity for mistakes being made.

What I do blame Ubiquity (and many others) for is not sufficiently anticipating that things will go wrong.

The old adage in security is that you should never rely on one resource, but always need multiple layers of security to catch errors in the outer layer. Nowadays, for example, when logging in, you not only use a password, but also a code or other form of multi-factor authentication.*
Fortunately, MFA is starting to catch on, but our focus is mainly on access to the site. Once logged in, all interior doors are open.

It would be better to split things up a bit more, for example by encrypting data before sending it. Such a security camera could put a password on the video, independent of the password needed to log in to Ubiquity’s site. If someone ends up on someone else’s account due to a mistake or a hack, the video images will still not be viewable.

To be clear, such a system is more difficult than doing everything with one password. It is not my intention to blame Ubiquiti for problems that affect the entire industry, but it is a good example to show where we still need to improve.

* I would like to note that layers can be at different levels. If you zoom in far enough you can reduce every situation to a single resource (e.g. the question of whether you need MFA to use your 2fa token).

2023-12-15 10:40:26
#Ubiquiti #acknowledges #error #users #gained #access #elses #account