ABT Blog

Read about mortgage technology solutions topics

MFA Compliance

Phishing-resistant MFA for financial institutions: hardware-backed FIDO2 security keys, passkeys, and Microsoft Entra ID Conditional Access protecting against AiTM, credential theft, and phishing attacks

16 min read

Phishing-Resistant MFA for Financial Institutions: Why FFIEC, NCUA, and OCC Examiners Now Expect FIDO2, Passkeys, and Hardware Keys

Justin Kirsch: Thu, Apr 30, 2026

In This Article What "Phishing-Resistant" Authentication Actually Means Why SMS, Push, and One-Time Codes No Longer Pass the Bar What FFIEC Examiners...

financial data security phishing multi-factor authentication cybersecurity FFIEC microsoft MFA Compliance
Read More
Microsoft 365 device code phishing attack pathway showing token replay from Railway PaaS infrastructure to a compromised financial institution tenant

26 min read

M365 Device Code Phishing: MFA Is Being Bypassed at Scale

Justin Kirsch: Wed, Apr 15, 2026

Prefer to watch? Every security control did its job. The tokens still went to the attacker. Watch the 26-second Short, then the 10-minute walkthrough...

microsoft office 365 phishing cybersecurity MFA Compliance
Read More
Company
Platform
Resources
Connect
Talk to an Expert (888) 422-3400
Microsoft Solutions Partner
Cloud Solution Provider
Tier 1 Direct Partner Authority
SOC 2 Type II Defender Zero Trust GLBA / FTC Safeguards 750+ Institutions Purview Governance Copilot Governance
Terms of Service Privacy Policy Acceptable Use Policy Security and Responsible Disclosure
© 2026 Access Business Technologies. All rights reserved.