This article was originally published on Descope . According to the 2024 Verizon Data Breach Investigation Report, 7 out of 10 cybercriminals prefer targeting users over attacking IT infrastructure. This preference isn't surprising: humans, not firewalls, are susceptible to phishing (social engineering attacks that steal login credentials). While MFA (multi-factor authentication) is widely accepted as phishing-resistant using any combination of factors, leveraging possession-based authentication has emerged as the gold standard today. Unlike knowledge-based authentication, the possession factor establishes user presence. Thanks to the proliferation of smartphones, virtually everyone can leverage the possession factor for 2FA (two-factor authentication) . But for companies and customers who want to improve their possession-based authentication security even further, YubiKeys provide the perfect combination of resilience and convenience.…