5 Things Businesses Should Do to Strengthen Authentication

Have strong protections in place for any user credentials. At a minimum, passwords should be hashed (converted from plain text) and the databases encrypted. Better still, "salt" passwords by adding random strings before storing them.

Require that users create strong, long passwords.

Offer enhanced account protections, such as SMS warnings when a user's account is accessed from a suspect IP address or unknown device.

Embrace multifactor authentication. If it is not a compulsory mechanism, at least start rolling it out in stages, starting with your most sensitive applications and highest-risk end users.