Japanese companies are finally embracing true hybrid work. An employee logging in from a café in Shibuya (new IP) vs. their usual home office in Chiba — adaptive won’t block them, just ask for one extra factor. Traditional MFA would annoy them both ways.
Enter (sometimes called risk-based authentication). It doesn’t just ask “Do you have the second factor?” It asks “ How risky is this specific login attempt? ” Japanese companies are finally embracing true hybrid work
Traditional MFA (OTP, push approval) is vulnerable to real-time phishing (EvilProxy, Tycoon 2FA). Adaptive authentication can detect an impossible travel event (e.g., login from Tokyo then 1 min later from Osaka) and kill the session. Many modern adaptive systems also integrate with FIDO2 passkeys—already supported by major Japanese cloud providers (Sakura, IDC Frontier). Traditional MFA would annoy them both ways
Traditional MFA is a blunt instrument. Adaptive authentication is surgical. ” Traditional MFA (OTP, push approval) is vulnerable