{"id":9343,"date":"2022-03-15T13:39:00","date_gmt":"2022-03-15T13:39:00","guid":{"rendered":"https:\/\/www.realvnc.com\/en\/?post_type=blog&#038;p=9343"},"modified":"2026-01-19T16:00:54","modified_gmt":"2026-01-19T16:00:54","slug":"mfa-for-remote-access","status":"publish","type":"blog","link":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/","title":{"rendered":"3 Reasons Why MFA for Remote Access Should Be Mandatory"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"9343\" class=\"elementor elementor-9343\" data-elementor-post-type=\"blog\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3c413b0a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3c413b0a\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1753756c\" data-id=\"1753756c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-862a17c elementor-widget elementor-widget-text-editor\" data-id=\"862a17c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-pm-slice=\"1 3 []\">While the pandemic may feel like a distant memory, its effects are still causing ripples for businesses worldwide. As companies scrambled to set up their remote working infrastructure and align with government guidance, IT departments often had to forgo their usual due diligence in favor of implementation speed.<\/p><h2>From Pandemic Response to Permanent Security Challenge<\/h2><p>The focus was on productivity, and getting the business operational was the main goal. It makes perfect sense; the world was responding to a complete shift in how we work. But now, we&#8217;ve all either heard about or experienced the massive rise in cyberattacks since the pandemic started. And securing everything about how your <a href=\"https:\/\/www.realvnc.com\/en\/discover\/remote-work-from-home-access\/\" target=\"_blank\" rel=\"noopener noreferrer\">remote workforce<\/a> connects to the corporate network has become the priority.<\/p><h2>Focusing on Who Connects, Not Just How<\/h2><p>The focus for most companies has been on \u201chow to connect securely.\u201d With the emphasis on the connecting part and not necessarily on ensuring that. Regardless of how the remote workforce gains <a href=\"https:\/\/www.realvnc.com\/en\/discover\/remote-desktop\/\" target=\"_blank\" rel=\"noopener noreferrer\">remote access<\/a>, it helps\u00a0ensure the organization&#8217;s <a href=\"https:\/\/www.realvnc.com\/en\/connect\/security\/\" target=\"_blank\" rel=\"noopener noreferrer\">security posture<\/a>.<\/p><p>The answer was to use the native\u00a0<a href=\"https:\/\/www.realvnc.com\/en\/discover\/windows-remote-desktop-software\/\" target=\"_blank\" rel=\"noopener noreferrer\">remote desktop functionality built into Windows\u00a0<\/a>for some. Others did the same but used a VPN first to encrypt the connection. Still, others use some form of third-party <a href=\"https:\/\/www.realvnc.com\/en\/connect\/\" target=\"_blank\" rel=\"noopener noreferrer\">remote access solution<\/a>, which likely provides even better security and control.<\/p><p>Regardless of your answer (and disregarding, for the moment, the apparent or nonexistent cybersecurity value each solution provides), I want to place your focus on the need for multi-factor authentication (MFA) when providing any\u00a0remote access.<\/p><h2>What is Multi-Factor Authentication (MFA)?<\/h2><p>Multi-factor authentication (MFA) is a secure access control process that&#8217;s more secure than a password alone. It combines <a href=\"https:\/\/www.realvnc.com\/en\/blog\/multi-factor-authentication-is-it-worth-it\/\" target=\"_blank\" rel=\"noopener noreferrer\">several unique credentials<\/a> for an individual to verify the user\u2019s identity. When dealing with remote access, MFA helps organizations ensure that all remote users are who they say they are when attempting to access devices and systems.<\/p><h3>Common MFA Methods<\/h3><p>An MFA combination involves two or more of the following credentials:<\/p><ul><li><p><strong>Something the user\u00a0<em>knows: <\/em><\/strong>A password, PIN, or the answer to a security question<\/p><\/li><li><p><strong>Something the user\u00a0<em>has:<\/em><\/strong> A device, a smart card, or a key fob<\/p><\/li><li><p><strong>Something the user\u00a0<em>is:<\/em><\/strong> A biometric authentication, like voice, a fingerprint, or even an iris scan<\/p><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-522d00d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"522d00d\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-14c376c\" data-id=\"14c376c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-519595c elementor-widget elementor-widget-image\" data-id=\"519595c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"680\" height=\"680\" src=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mfa-know-have-are-combinations.webp\" class=\"attachment-full size-full wp-image-84432\" alt=\"MFA Something You Know-Have-Are Combinations\" srcset=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mfa-know-have-are-combinations.webp 680w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mfa-know-have-are-combinations-300x300.webp 300w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mfa-know-have-are-combinations-150x150.webp 150w\" sizes=\"(max-width: 680px) 100vw, 680px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-501b0ae elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"501b0ae\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ab055d9\" data-id=\"ab055d9\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7354dde elementor-widget elementor-widget-text-editor\" data-id=\"7354dde\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-pm-slice=\"1 1 []\">Another common method is using Time-based One-Time Passwords (TOTP). These are usually random numbers that are only valid for a short time and are generated by apps like Google Authenticator.<\/p><p>These additional verifications provide layers of security, so that even if one of the authentication factors is compromised, anyone trying to gain unauthorized access encounters added obstacles that make it increasingly difficult. For example, if a password is compromised, the account cannot be breached without additional credentials.<\/p><p>While it may seem like this is a lot of information required to access each secure system, many organizations integrate Single-Sign-On (SSO) with multi-factor authentication to make it easier to log in to multiple applications.<\/p><h2>Why is Implementing MFA Critical for Access Management?<\/h2><p>Implementing multi-factor authentication strengthens your overall security posture by ensuring only authorized users gain access to sensitive systems and sensitive data. This is an important factor for companies following zero-trust principles.<\/p><p>Modern MFA solutions work seamlessly with virtual private networks (VPNs), remote desktop connections, cloud platforms, and third-party remote access systems to provide robust security across all remote connections.<\/p><p>Aside from strengthening security protocols, integrating MFA for remote access can also help your organization meet regulatory standards and compliance requirements like HIPAA, GDPR, NIS2, and PCI-DSS. It&#8217;s also helpful during audits to demonstrate compliance by restricting access to sensitive systems.<\/p><h2>Is Two-Factor Authentication (2FA) the Same as MFA?<\/h2><p>Not exactly. Two-factor authentication (2FA) is a form of multi-factor authentication. So\u00a0what are the two factors used in two-factor\u00a0authentication?\u00a0The first one is usually something the\u00a0user knows, like a password for\u00a0an online account or the PIN to a credit card.\u00a0The second factor can be anything the user has or is, such as a text to a device, a\u00a0physical card, a fingerprint, or any of the other options listed above (and more!).\u00a0<\/p><p>Given the nature of\u00a0<a href=\"https:\/\/www.realvnc.com\/en\/?lai_vid=EWwg99E0dTNvM&amp;lai_sr=60-64&amp;lai_sl=m&amp;lai_na=541618\" target=\"_blank\" rel=\"noopener\">remote access<\/a>\u00a0activities, security is of paramount importance, and MFA adds a very strong additional defense to prevent criminal attacks. It should be a mandatory part of any enterprise remote access strategy.\u00a0<\/p><p>I&#8217;m a huge believer in MFA for remote access for literally\u00a0<em>everyone<\/em>\u00a0in the organization to preserve your cybersecurity stance. So, here are three reasons why I&#8217;m passionate about seeing MFA as part of your secure remote access strategy.<\/p><h2>1. There&#8217;s Too Much \u201cAccess\u201d to Remote Access<\/h2><h3>The Scale of the Problem<\/h3><p>While we&#8217;d all like to think that technologies like Microsoft&#8217;s built-in Remote Desktop Protocol (RDP) aren&#8217;t accessible from the Internet, that&#8217;s just not the case. Since October 2025, GreyNoise has tracked a <a href=\"https:\/\/www.greynoise.io\/blog\/botnet-launches-coordinated-rdp-attack-wave\" target=\"_blank\" rel=\"noopener noreferrer\">coordinated botnet operation<\/a> involving over 300,000 unique IP addresses from more than 100 countries specifically <a href=\"https:\/\/www.realvnc.com\/en\/blog\/remote-access-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">targeting RDP services<\/a> in the United States. This represents just one campaign among countless ongoing attacks.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1e96208 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1e96208\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8fc1fdc\" data-id=\"8fc1fdc\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8c769f8 elementor-widget elementor-widget-image\" data-id=\"8c769f8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1360\" height=\"869\" src=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/greynoise-attack-tracking.webp\" class=\"attachment-full size-full wp-image-84433\" alt=\"GreyNoise tracking coordinated botnet operation attack\" srcset=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/greynoise-attack-tracking.webp 1360w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/greynoise-attack-tracking-300x192.webp 300w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/greynoise-attack-tracking-1024x654.webp 1024w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/greynoise-attack-tracking-768x491.webp 768w\" sizes=\"(max-width: 1360px) 100vw, 1360px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9a97034 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"9a97034\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-076fce8\" data-id=\"076fce8\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-56cd3d0 elementor-widget elementor-widget-text-editor\" data-id=\"56cd3d0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-pm-slice=\"1 1 []\">The scale and sophistication of these attacks continue to evolve just as fast as the technologies used to combat them. The botnet operation used centralized control with similar TCP fingerprints across participating IPs, employing RD Web Access timing attacks and RDP web client login enumeration, demonstrating that attackers are using coordinated, automated systems to <a href=\"https:\/\/www.realvnc.com\/en\/blog\/remote-access-security-risks\/\" target=\"_blank\" rel=\"noopener noreferrer\">probe for vulnerabilities<\/a> at a massive scale.<\/p><h3>Weak Passwords Compound the Problem<\/h3><p>It&#8217;s not just sophisticated botnets that organizations need to worry about. Analysis of actual passwords used in live RDP attacks reveals why these campaigns persist. Specops Software <a href=\"https:\/\/specopssoft.com\/blog\/passwords-used-in-attacking-rdp-ports\/\" target=\"_blank\" rel=\"noopener noreferrer\">examined 15 million passwords<\/a> from real-world RDP attacks from 2024 to 2025 and found that 45% consisted only of numbers or lowercase letters, and 98.65% were 12 characters or fewer.<\/p><p>Even passwords that technically meet complexity requirements are commonly attacked. &#8220;P@ssw0rd&#8221; appeared over 254,000 times in these attacks, while &#8220;Welcome1&#8221; was found more than 113,000 times. These examples highlight a critical issue: Passwords that meet standard organizational requirements (8 characters, 1 capital, 1 number, 1 special character) can still be predictable and vulnerable because of common base terms.<\/p><h3>Finding and Exploiting Exposed Connections Isn&#8217;t Difficult<\/h3><p>One fundamental reason these attacks are so prevalent is the ease of finding and exploiting exposed remote access connections. Threat actors run automated scans across all ports looking for RDP responses, then launch brute-force password attacks when no MFA is required. Organizations monitoring their RDP servers often discover hundreds or even thousands of failed login attempts from <a href=\"https:\/\/www.realvnc.com\/en\/blog\/remote-access-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">hackers, bots, and ransomware operators<\/a>.<\/p><p>The point here is that this massive number of attacks wouldn&#8217;t exist if there were no RDP sessions externally accessible in the first place. In short, there are way too many organizations today that have RDP-based access to their networks. And even if you&#8217;re not using RDP specifically, but are using a third-party remote access solution, many threat actors use the same solutions for remote access during cyberattacks.<\/p><h3>Add Multiple Authentication Methods to Shut Down Threats<\/h3><p>Should an organization require MFA over these exposed RDP connections (which should be disabled from direct Internet exposure, for the record), the likelihood of these attacks succeeding (as they exist today) diminishes to zero.<\/p><p>Even when attackers obtain valid credentials through brute force, password spraying, or credential stuffing, they cannot proceed without the second authentication factor.<\/p><p>There is no native Microsoft RDP solution to prevent <a href=\"https:\/\/www.realvnc.com\/en\/blog\/brute-force-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">brute-force attacks<\/a>, so attackers have free rein to try as many user\/password combinations as they like.<\/p><p>MFA transforms this vulnerability. Without access to the user&#8217;s second factor (whether it&#8217;s a mobile authenticator app, hardware token, or biometric verification), compromised credentials alone become useless to the attacker.<\/p><h3>Be Wary of MFA Fatigue<\/h3><p>While MFA is a massive hurdle for attackers, it is not a &#8220;set it and forget it&#8221; solution. Sophisticated threat actors now use &#8220;<a href=\"https:\/\/sbscyber.com\/blog\/mfa-fatigue-improving-the-second-factor\" target=\"_blank\" rel=\"noopener noreferrer\">MFA Fatigue<\/a>&#8221; or &#8220;Push Bombing&#8221; attacks. In this scenario, after obtaining a password, the attacker triggers dozens of push notifications to the user\u2019s device, hoping the victim will eventually hit &#8220;Approve&#8221; just to make the alerts stop.<\/p><p>To combat this, organizations should move toward MFA number matching, which requires the user to enter a specific code shown on the login screen into their authenticator app, ensuring the person approving the request is the same person sitting at the keyboard.<\/p><h2>2. Credentials Are Too Easy to Obtain<\/h2><p>In many cases, the use of remote access comes in conjunction with a phishing campaign intent on tricking users into providing their Microsoft 365 credentials. In\u00a0<a href=\"https:\/\/hoxhunt.com\/guide\/phishing-trends-report\" target=\"_blank\" rel=\"noopener noreferrer\">80% of phishing attacks<\/a>, the goal is to obtain user credentials, such as login credentials. Since these are often the same credentials as the user&#8217;s Active Directory account, the credentials provide a threat actor with everything they need, providing an RDP session to connect to within the same organization.<\/p><h3>Multiple Credential Acquisition Vectors<\/h3><p>Beyond phishing emails, credentials are being compromised through several interconnected attack methods:<\/p><ul><li><p><a href=\"https:\/\/www.realvnc.com\/en\/blog\/goto-security-breach\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Data breaches<\/strong><\/a> at third-party services leak passwords that employees reuse across work accounts<\/p><\/li><li><p><strong>Password spraying attacks<\/strong> systematically test commonly used passwords (such as the 254,000 &#8220;P@ssw0rd&#8221; attempts documented in recent RDP attacks) across multiple accounts<\/p><\/li><li><p><a href=\"https:\/\/www.realvnc.com\/en\/blog\/4-ways-to-protect-yourself-from-credential-stuffing\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Credential stuffing<\/strong><\/a> leverages breached username\/password pairs from consumer services against corporate access points<\/p><\/li><li><p><strong>Social engineering<\/strong> manipulates help desk staff into resetting credentials for attackers posing as legitimate users<\/p><\/li><li><p><strong>Dark web marketplaces<\/strong> sell corporate access credentials, particularly those with remote access capabilities, at premium prices<\/p><\/li><\/ul><p>The scale of this problem has accelerated dramatically. Organizations monitoring their systems often discover that attackers no longer need sophisticated technical exploits. They simply purchase or phish valid credentials and authenticate through legitimate remote access channels.<\/p><h3>How MFA Prevents Credential Theft<\/h3><p>Again, with the use of MFA in place for RDP, the credentials on their own are useless. An attacker may possess a valid username and password, but without the second authentication factor (whether a push notification to a registered device, time-based one-time password, or biometric verification), they cannot establish the remote session.<\/p><p>However, when organizations enable MFA as part of their <a href=\"https:\/\/www.realvnc.com\/en\/blog\/guide-secure-remote-access\/\" target=\"_blank\" rel=\"noopener noreferrer\">secure remote access<\/a> setup, they also likely have it in place for cloud apps, making the obtaining and use of credentials in the first place difficult to impossible. This creates a security posture where credential theft, whether through phishing or other methods, no longer provides attackers with meaningful access. The phishing email might successfully harvest a password, but without the second factor, the attack terminates at the authentication stage, making stolen credentials operationally worthless to the attacker.<\/p><h2>3. Remote Access Provides Too Much Privilege<\/h2><h3>Every Compromised Account is a Gateway<\/h3><p>A given compromised set of credentials initially gives threat actors a foothold within the business and access to any data and applications that the user has access to. This, alone, creates a tremendous risk, depending on the user account. It also gives them access to a Windows endpoint (in most cases). Depending on how well-patched the OS and applications are, the remote access endpoint may provide an easy path to obtaining elevated credentials by taking advantage of vulnerabilities commonly used in attacks. In addition, it gives the threat actor a\u00a0<em>known<\/em>\u00a0<em>identity within<\/em>\u00a0the organization to further attack the rest of the company.<\/p><h3>Real-World Attack Scenario: The Mailroom Clerk<\/h3><p>I like to use the example of the mailroom clerk who only has web access to visit shipping company websites and their corporate email. If they were the ones compromised by a threat actor, they could be used to send a simple phishing email to every person in the organization. By using the social engineering tactic of informing victims that a package is waiting for them and providing a malicious link, a single low-level account becomes a launchpad for a company-wide breach.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-11affb2 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"11affb2\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8407a18\" data-id=\"8407a18\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-46cf5e5 elementor-widget elementor-widget-image\" data-id=\"46cf5e5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"680\" height=\"1704\" src=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mailroom-clerk-scenario-with-vs-without-mfa.webp\" class=\"attachment-full size-full wp-image-84434\" alt=\"Real-world attack scenario with vs without MFA\" srcset=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mailroom-clerk-scenario-with-vs-without-mfa.webp 680w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mailroom-clerk-scenario-with-vs-without-mfa-120x300.webp 120w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mailroom-clerk-scenario-with-vs-without-mfa-409x1024.webp 409w, https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/mailroom-clerk-scenario-with-vs-without-mfa-613x1536.webp 613w\" sizes=\"(max-width: 680px) 100vw, 680px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-27fd2d4 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"27fd2d4\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e6826f0\" data-id=\"e6826f0\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-0f2683c elementor-widget elementor-widget-text-editor\" data-id=\"0f2683c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-pm-slice=\"1 1 []\">Add in MFA to this scenario, and the threat actor cannot reach the remotely accessible endpoint in the first place.<\/p><h2>Implementing MFA is Just What Your Remote Access Needs<\/h2><p>Secure remote access is a productivity play; it empowers organizations to extend the reach of the corporate network out to their employees&#8217; homes, coffee shops, hotels, etc. But that extension also includes developing the organization&#8217;s potential threat surface to those very same places. The addition of modern MFA methods to remote access security creates a defense-in-depth strategy (layered on top of basic credentials) to help stop cyberattacks before they ever really get started.<\/p><p>Whether you rely on RDP, a VPN, or a third-party remote access solution, MFA for every user is no longer optional. It is the only way to ensure that the person using the credential is the actual owner of that identity. In an era where 80% of phishing attacks target your credentials, MFA is the single most effective investment you can make to protect your organization\u2019s data, reputation, and future.<\/p><p>Don\u2019t wait for a successful brute-force attack or a compromised password to prove the point. Secure your remote access with MFA today.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>While the pandemic may feel like a distant memory, its effects are still causing ripples for businesses worldwide. As companies scrambled to set up their remote working infrastructure and align with government guidance, IT departments often had to forgo their usual due diligence in favor of implementation speed. From Pandemic Response to Permanent Security Challenge &#8230; <a title=\"3 Reasons Why MFA for Remote Access Should Be Mandatory\" class=\"read-more\" href=\"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/\" aria-label=\"Read more about 3 Reasons Why MFA for Remote Access Should Be Mandatory\">Read more<\/a><\/p>\n","protected":false},"author":16,"featured_media":9344,"template":"","blog_category":[257],"class_list":["post-9343","blog","type-blog","status-publish","has-post-thumbnail","hentry","blog_category-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>3 Reasons Why MFA for Remote Access Should Be Mandatory<\/title>\n<meta name=\"description\" content=\"Regardless of your strategy, MFA for remote access should be mandatory. Here are three reasons why.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"3 Reasons Why MFA for Remote Access Should Be Mandatory\" \/>\n<meta property=\"og:description\" content=\"Regardless of your strategy, MFA for remote access should be mandatory. Here are three reasons why.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/\" \/>\n<meta property=\"og:site_name\" content=\"RealVNC\u00ae\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/realvnc\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-19T16:00:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/MFA-VNC-Connect-mult-factor-authentication.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1239\" \/>\n\t<meta property=\"og:image:height\" content=\"847\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@realvnc\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/\"},\"author\":{\"name\":\"Bogdan Bele\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/person\\\/6fa9f449ba19409f0cd7235931f51987\"},\"headline\":\"3 Reasons Why MFA for Remote Access Should Be Mandatory\",\"datePublished\":\"2022-03-15T13:39:00+00:00\",\"dateModified\":\"2026-01-19T16:00:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/\"},\"wordCount\":2137,\"publisher\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/MFA-VNC-Connect-mult-factor-authentication.jpg\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/\",\"name\":\"3 Reasons Why MFA for Remote Access Should Be Mandatory\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/MFA-VNC-Connect-mult-factor-authentication.jpg\",\"datePublished\":\"2022-03-15T13:39:00+00:00\",\"dateModified\":\"2026-01-19T16:00:54+00:00\",\"description\":\"Regardless of your strategy, MFA for remote access should be mandatory. Here are three reasons why.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/MFA-VNC-Connect-mult-factor-authentication.jpg\",\"contentUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/MFA-VNC-Connect-mult-factor-authentication.jpg\",\"width\":1239,\"height\":847,\"caption\":\"Featured image for MFA for remote access\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/mfa-for-remote-access\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blogs\",\"item\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"3 Reasons Why MFA for Remote Access Should Be Mandatory\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/\",\"name\":\"RealVNC\u00ae\",\"description\":\"The world&#039;s safest remote access software\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#organization\",\"name\":\"RealVNC\u00ae\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/realvnc-logo-blue.png\",\"contentUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/realvnc-logo-blue.png\",\"width\":300,\"height\":41,\"caption\":\"RealVNC\u00ae\"},\"image\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/realvnc\",\"https:\\\/\\\/x.com\\\/realvnc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/realvnc\\\/\",\"https:\\\/\\\/www.youtube.com\\\/RealVNCLtd\",\"https:\\\/\\\/en.wikipedia.org\\\/wiki\\\/RealVNC\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/person\\\/6fa9f449ba19409f0cd7235931f51987\",\"name\":\"Bogdan Bele\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/db953d23953822fd0e4cf9ec4b44b151a5712b3d00982d581e2c162042f75c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/db953d23953822fd0e4cf9ec4b44b151a5712b3d00982d581e2c162042f75c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/db953d23953822fd0e4cf9ec4b44b151a5712b3d00982d581e2c162042f75c3d?s=96&d=mm&r=g\",\"caption\":\"Bogdan Bele\"},\"description\":\"A journalist by formation and experience, and a content writer by trade. I\u2019ve been writing content, both online and offline, for more than 15 years. My focus has always been technology, but I\u2019ve also ventured into fields as diverse as music, football or news. I am RealVNC\u2019s in-house Digital Content Editor, so a lot of what you\u2019re reading on this blog is written by me. I also edit a lot of our content output. When I\u2019m not writing, editing or reading, you\u2019ll probably find me at a concert or watching a Chelsea FC game.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/bogdanbele\\\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"3 Reasons Why MFA for Remote Access Should Be Mandatory","description":"Regardless of your strategy, MFA for remote access should be mandatory. Here are three reasons why.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/","og_locale":"en_US","og_type":"article","og_title":"3 Reasons Why MFA for Remote Access Should Be Mandatory","og_description":"Regardless of your strategy, MFA for remote access should be mandatory. Here are three reasons why.","og_url":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/","og_site_name":"RealVNC\u00ae","article_publisher":"https:\/\/www.facebook.com\/realvnc","article_modified_time":"2026-01-19T16:00:54+00:00","og_image":[{"width":1239,"height":847,"url":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/MFA-VNC-Connect-mult-factor-authentication.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@realvnc","twitter_misc":{"Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#article","isPartOf":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/"},"author":{"name":"Bogdan Bele","@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/person\/6fa9f449ba19409f0cd7235931f51987"},"headline":"3 Reasons Why MFA for Remote Access Should Be Mandatory","datePublished":"2022-03-15T13:39:00+00:00","dateModified":"2026-01-19T16:00:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/"},"wordCount":2137,"publisher":{"@id":"https:\/\/www.realvnc.com\/en\/#organization"},"image":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#primaryimage"},"thumbnailUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/MFA-VNC-Connect-mult-factor-authentication.jpg","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/","url":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/","name":"3 Reasons Why MFA for Remote Access Should Be Mandatory","isPartOf":{"@id":"https:\/\/www.realvnc.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#primaryimage"},"image":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#primaryimage"},"thumbnailUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/MFA-VNC-Connect-mult-factor-authentication.jpg","datePublished":"2022-03-15T13:39:00+00:00","dateModified":"2026-01-19T16:00:54+00:00","description":"Regardless of your strategy, MFA for remote access should be mandatory. Here are three reasons why.","breadcrumb":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#primaryimage","url":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/MFA-VNC-Connect-mult-factor-authentication.jpg","contentUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2022\/03\/MFA-VNC-Connect-mult-factor-authentication.jpg","width":1239,"height":847,"caption":"Featured image for MFA for remote access"},{"@type":"BreadcrumbList","@id":"https:\/\/www.realvnc.com\/en\/blog\/mfa-for-remote-access\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.realvnc.com\/en\/"},{"@type":"ListItem","position":2,"name":"Blogs","item":"https:\/\/www.realvnc.com\/en\/blog\/"},{"@type":"ListItem","position":3,"name":"3 Reasons Why MFA for Remote Access Should Be Mandatory"}]},{"@type":"WebSite","@id":"https:\/\/www.realvnc.com\/en\/#website","url":"https:\/\/www.realvnc.com\/en\/","name":"RealVNC\u00ae","description":"The world&#039;s safest remote access software","publisher":{"@id":"https:\/\/www.realvnc.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.realvnc.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.realvnc.com\/en\/#organization","name":"RealVNC\u00ae","url":"https:\/\/www.realvnc.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/05\/realvnc-logo-blue.png","contentUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/05\/realvnc-logo-blue.png","width":300,"height":41,"caption":"RealVNC\u00ae"},"image":{"@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/realvnc","https:\/\/x.com\/realvnc","https:\/\/www.linkedin.com\/company\/realvnc\/","https:\/\/www.youtube.com\/RealVNCLtd","https:\/\/en.wikipedia.org\/wiki\/RealVNC"]},{"@type":"Person","@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/person\/6fa9f449ba19409f0cd7235931f51987","name":"Bogdan Bele","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/db953d23953822fd0e4cf9ec4b44b151a5712b3d00982d581e2c162042f75c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/db953d23953822fd0e4cf9ec4b44b151a5712b3d00982d581e2c162042f75c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/db953d23953822fd0e4cf9ec4b44b151a5712b3d00982d581e2c162042f75c3d?s=96&d=mm&r=g","caption":"Bogdan Bele"},"description":"A journalist by formation and experience, and a content writer by trade. I\u2019ve been writing content, both online and offline, for more than 15 years. My focus has always been technology, but I\u2019ve also ventured into fields as diverse as music, football or news. I am RealVNC\u2019s in-house Digital Content Editor, so a lot of what you\u2019re reading on this blog is written by me. I also edit a lot of our content output. When I\u2019m not writing, editing or reading, you\u2019ll probably find me at a concert or watching a Chelsea FC game.","sameAs":["https:\/\/www.linkedin.com\/in\/bogdanbele\/"]}]}},"_links":{"self":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog\/9343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/users\/16"}],"version-history":[{"count":0,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog\/9343\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/media\/9344"}],"wp:attachment":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/media?parent=9343"}],"wp:term":[{"taxonomy":"blog_category","embeddable":true,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog_category?post=9343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}