AI identity models: what multi-attestation changes for IAM teams


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8151
Topic starter  

TL;DR: Forcing AI to use MFA creates borrowed-credential risk, operational friction, and weak identity boundaries, according to Defakto Security. Instead, the vendor proposes delegation with multi-attestation based on code integrity and runtime context. The identity model matters because human authentication assumptions break when non-human actors need their own access path.

NHIMG editorial — based on content published by Defakto Security: AI MFA vs Multi-Attestation, Why AI Needs a New Identity Model

By the numbers:

Questions worth separating out

Q: How should security teams govern AI access without forcing MFA on machines?

A: Treat AI as a separate identity class.

Q: Why do borrowed human credentials create risk in AI workflows?

A: Borrowed credentials blur the subject of the access decision.

Q: What should organisations require before granting AI access to systems or data?

A: Require delegated authorization plus proof that the AI is the expected workload in the expected runtime context.

Practitioner guidance

  • Separate human authentication from AI authorization: require a human to approve the task, then issue access to the AI through a machine identity path with its own lifecycle, revocation rules, and audit records.
  • Adopt delegated task scopes: limit each AI grant to one purpose, one system boundary, and one expiry condition so the access can be reviewed and revoked as a discrete entitlement.
  • Use multi-attestation before issuing credentials: combine runtime signals such as code integrity, provenance, and execution context before minting or refreshing an AI credential.
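The three guidance points above, worked through as a small credential issuer (an added example written for this post, not code from Defakto Security or NHIMG): a human approval carries the delegated scope, the workload's runtime evidence is checked against an expected measurement and context, and only then is a short-lived, single-audience credential minted with the workload as subject. The expected measurement, provenance label, runtime fields, and HMAC signing key are constructed sample values.

```python
import hashlib, hmac, json, secrets, time
from dataclasses import dataclass

# Constructed policy for one AI workload: the code it must measure as and where it must run.
EXPECTED = {
    "code_sha256": hashlib.sha256(b"report-agent build 1.2.3").hexdigest(),  # sample measurement
    "provenance": "ci-main",                                                 # sample build origin
    "runtime": {"cluster": "prod-eu", "namespace": "ai-agents", "sa": "report-agent"},
}
ISSUER_KEY = secrets.token_bytes(32)  # constructed HMAC key standing in for a real issuer key

@dataclass
class TaskApproval:  # a human's delegation: one purpose, one system boundary, one expiry
    approver: str
    purpose: str
    system: str
    ttl_seconds: int

def attest(evidence: dict, expected: dict = EXPECTED) -> list:
    """Multi-attestation: every runtime signal must match; returns the names of failed checks."""
    failures = []
    if not hmac.compare_digest(str(evidence.get("code_sha256", "")), expected["code_sha256"]):
        failures.append("code_integrity")
    if evidence.get("provenance") != expected["provenance"]:
        failures.append("provenance")
    if evidence.get("runtime") != expected["runtime"]:
        failures.append("runtime_context")
    return failures

def issue_credential(approval: TaskApproval, evidence: dict, now: int = None):
    """Mint a scoped, short-lived AI credential only when attestation passes."""
    now = int(time.time()) if now is None else now
    failures = attest(evidence)
    if failures:
        return None, failures
    claims = {
        "sub": EXPECTED["runtime"]["sa"],    # the workload is the subject, not the human
        "delegated_by": approval.approver,   # the human who approved the task
        "purpose": approval.purpose, "aud": approval.system,
        "iat": now, "exp": now + approval.ttl_seconds,
        "attested": {"code_sha256": evidence["code_sha256"], "provenance": evidence["provenance"]},
    }
    body = json.dumps(claims, sort_keys=True).encode()
    return {"claims": claims, "sig": hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()}, []

def verify_credential(cred: dict, system: str, now: int) -> bool:
    """Relying-party check: signature intact, presented to the right system, not expired."""
    body = json.dumps(cred["claims"], sort_keys=True).encode()
    good_sig = hmac.compare_digest(cred["sig"], hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest())
    return good_sig and cred["claims"]["aud"] == system and now < cred["claims"]["exp"]
```

A credential that fails attestation is never minted, and one presented to a different system or after its expiry is rejected, which is what makes each grant reviewable and revocable as a discrete entitlement.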

What's in the full article

Defakto Security's full post covers the operational detail this post intentionally leaves for the source:

  • A deeper explanation of how delegation and multi-attestation replace human authentication in AI workflows
  • The author’s runtime identity model for distinguishing what the AI is from how it logs in
  • Additional context on why long-lived human tokens fail as a governance boundary for non-human actors
  • The original article's framing of trust boundaries for AI, workloads, and machine identities

👉 Read Defakto Security's analysis of AI MFA, delegation, and multi-attestation →
