Deliver strong MFA for SSH and OS logins with PIV
PIV credentials are like secure passes: tie them to a security key or card, and only give them to employees who have proven their identity. Know that every time a credential is used, it is tied to a trusted user. PIV credentials prove identity during every login or SSH with strong cryptography derived from your certificate authority.
Passwords are bad practice
Remembering a long passphrase is a nuisance—their security is undermined by employees reusing them across accounts and storing them in insecure locations. Short passwords, on the other hand, are easy for attackers to crack.
After getting a foothold in your environment, the invader uses a variety of methods to harvest credentials from the network or endpoints. They then move to other systems and escalate their privileges in an enterprise network. Their target: your corporate data.
The PIV/Smart Card standard solves for this. Its private key is stored in a secure hardware module and cannot be used for lateral movement or privilege escalation. Using certificates and cryptography to identify users is not only a major leap in security, it’s a better work experience for employees: the heavy lifting is on a chip, not in your head.
Common attack tactics that PIV stops
Password theft and phishing
Harvest and Crack
Stop the att&ck
Deploying PIV (aka Smart Card login) with 0pass helps you defend against the powerful adversarial techniques in the MITRE Att&ck Framework .