A systems analyst is concerned that the current authentication system may not provide the appropriate level of security. The company has integrated WAYF within its federation system and implemented a mandatory two-step authentication system. Some accounts are still becoming compromised via phishing attacks that redirect users to a fake portal, which is automatically collecting and replaying the stolen credentials.
Which of the following is a technical solution that would BEST reduce the risk of similar compromises?
A. Security awareness training
B. Push-based authentication
C. Software-based TOPT
D. OAuth tokens
E. Shibboleth