Phishing-resistant MFA | Zero Trust | Cloudflare

4 min read Original article ↗

Activate phishing-resistant MFA with Cloudflare

Thwart phishing scams by enforcing strong authentication

Phishing remains one of the most prevalent kinds of threats—and it is often just the first step in a larger attack. Implementing FIDO2-compliant multi-factor authentication (MFA) as part of a Zero Trust security approach neutralizes the threat posed by multi-channel phishing.

Phishing resistant MFA - HERO - Image

The Cloudflare difference

Security lock icon

Reduce multi-channel phishing risk

Avoid vulnerabilities of other authentication methods. Unlike one-time PINs, FIDO2 MFA cannot be intercepted by an attacker. Implement MFA broadly — and require it — through Zero Trust policies.

Icon squared - Phishing

Enhance your access management

Augment your identity provider (or multiple providers) with Zero Trust Network Access (ZTNA) to easily enforce FIDO2 MFA across more resources.

Security shield protection checkmark - Icon

Maximize MFA impact

Avoid vulnerabilities of other authentication methods. Unlike one-time PINs, FIDO2 MFA cannot be intercepted by an attacker. Implement MFA broadly — and require it — through Zero Trust policies.

HOW IT WORKS

Defeat phishing with FIDO2 MFA and Cloudflare

Cloudflare’s Zero Trust platform can enforce FIDO2 MFA consistently across SaaS, self-hosted, and non-web resources.

  • Implement Cloudflare’s ZTNA service to apply strict contextual verification for accessing all your organization’s resources.
  • Bolster security with FIDO2-compliant MFA that makes it nearly impossible to intercept or steal users’ credentials.
  • Selectively enforce strong MFA, starting with sensitive apps. Go beyond just supporting FIDO2 MFA and start to require it.
  • Enable broad deployment. Not all apps support FIDO2 MFA natively. As an aggregation layer, Cloudflare’s ZTNA service helps roll it out to all resources.

[ZT PMM] Phishing resistant MFA diagram

Ready to discuss phishing-resistant MFA?

Contact us

No options

Select your job level... *

No options

Select your job function... *

No options

Bolivia, Plurinational State of

Bonaire, Sint Eustatius and Saba

British Indian Ocean Territory

Congo, the Democratic Republic of the

Falkland Islands (Malvinas)

French Southern Territories

Heard Island and McDonald Islands

Holy See (Vatican City State)

Lao People's Democratic Republic

Macedonia, the former Yugoslav Republic of

Saint Helena, Ascension and Tristan da Cunha

Saint Martin (French part)

Saint Pierre and Miquelon

Saint Vincent and the Grenadines

Sint Maarten (Dutch part)

South Georgia and the South Sandwich Islands

Tanzania, United Republic of

Venezuela, Bolivarian Republic of

 
In submitting this form, you agree to receive information from Cloudflare related to our products, events, and special offers. You can unsubscribe from such messages at any time. We never sell your data, and we value your privacy choices. Please see our Privacy Policy for information.

WHY CLOUDFLARE

Cloudflare’s connectivity cloud restores control and visibility to IT environments

Icon container

Composable architecture

Address diverse security and networking needs with extensive interoperability and customizable networking.

ABM - Woolworths - Elevating the Digital Customer Journey - Card 1 - Icon

Performance

Deliver better user experiences with a global network that is approximately 50 ms from ~95% of Internet users.

Cloudflare radar - Tile

Threat intelligence

Prevent more attacks with intelligence gleaned from proxying ~20% of the web and blocking ~215 billion threats daily.

Mobile device icon

Unified interface

Reduce tool sprawl and alert fatigue by uniting every hybrid work security service in one UI.

Resources

Thumbnail - Report - Template 3 Graphs

Case study

How Cloudflare stopped a targeted phishing attack

Read how Cloudflare’s Zero Trust approach, including security keys, helped thwart a targeted phishing attack.

Read case study  

Blog Resource Thumbnail

BLOG POST

How Cloudflare implemented security keys

Learn the steps Cloudflare took to roll out FIDO2 security keys and Zero Trust to all apps and employees.

Read blog