You have probably encountered the term "multi-factor authentication" or "MFA." The concept is not new, but it has recently become increasingly important. In this post, we will discuss what multi-factor authentication is and why you should adopt it.
What is multi-factor authentication?
Multi-factor authentication is the use of more than one credential to gain access to data. It is a combination of multiple access credential types. For example, instead of gaining access to an email account by just typing your username and password, you will be asked to further verify your identity by entering some other information, such as a PIN or a one-time password (OTP) that was sent to the phone number linked with the email account you are accessing.
Why do you need multi-factor authentication?
Multi-factor authentication offers an additional layer of security. Simple access control measures such as logging in with a user ID and password are increasingly being breached by cybercriminals because, no matter how much we condition ourselves to follow good password hygiene, we sometimes take shortcuts for convenience. Have you ever been guilty of:
- Writing down your password so you don’t forget it?
- Sharing your password with someone just to get the work done faster?
- Using the same password for multiple accounts just because it is easier to remember?
- Creating a password that was obvious or easy to figure out (e.g., your date of birth, numbers or letters in sequence, your name)?
Multi-factor authentication can help prevent cybercrimes and account breaches due to leaked or hacked passwords.
How does multi-factor authentication work?
Multi-factor authentication depends on requiring at least two of the following three elements.
- Something you know
- Something you have
- Something you are
The user has to prove their identity by answering the questions related to these elements. User IDs, passwords, secret questions, date of birth, etc., fall in the first category (something you know), while OTPs sent to your smartphone, a physical token, or an access card belong to the second category (something you have). The third category (something you are) includes biometric authentication such as a retina scan, fingerprint, or voice recognition.
If a hacker discovers your password (something you know), it is much more difficult for them to access your account, because they likely won't also have access to your smartphone (something you have) or your biometric identity (something you are).
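The two-of-three rule above, as an added Python example that is not part of the original post: a login is accepted only when valid credentials come from at least two different categories, so a password plus a secret-question answer (both "something you know") is rejected. The `Account` class, the `CATEGORY` table, the 5-minute code lifetime and the in-memory storage are assumptions made for illustration; biometrics are left out.

```python
import hashlib, hmac, secrets

# Factor category for each credential type (names are assumptions for this example).
CATEGORY = {"password": "know", "secret_question": "know", "otp": "have"}

def hash_secret(secret: str, salt: bytes) -> bytes:
    # Store only a salted, slow hash of anything the user "knows".
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

class Account:
    def __init__(self, password: str, secret_answer: str):
        self.salt = secrets.token_bytes(16)
        self.known = {"password": hash_secret(password, self.salt),
                      "secret_question": hash_secret(secret_answer, self.salt)}
        self.otp = None  # (code, expires_at) of the outstanding one-time password

    def issue_otp(self, now: float, ttl: int = 300) -> str:
        """Create a 6-digit code; a real service would send it to the linked phone."""
        code = f"{secrets.randbelow(10**6):06d}"
        self.otp = (code, now + ttl)
        return code

    def _check(self, kind: str, value: str, now: float) -> bool:
        if kind in self.known:
            candidate = hash_secret(value, self.salt)
            return hmac.compare_digest(self.known[kind], candidate)
        if kind == "otp" and self.otp:
            code, expires = self.otp
            self.otp = None  # single use: any attempt consumes the code
            fresh = now <= expires
            return fresh and hmac.compare_digest(code.encode(), value.encode())
        return False

    def login(self, presented: dict, now: float) -> bool:
        """Allow access only if valid credentials cover >= 2 distinct categories."""
        passed = {CATEGORY[kind] for kind, value in presented.items()
                  if kind in CATEGORY and self._check(kind, value, now)}
        return len(passed) >= 2
```

Because `login` counts categories rather than credentials, a leaked password together with a guessed secret answer still fails, and a one-time code that has expired or already been used does not count as the second factor.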
Multi-factor authentication is no guarantee of data safety, but it certainly reinforces and enhances your data security posture. While there are tools available that you can purchase and deploy, you can also consult with an MSP (like Logical Operators) to help you implement multi-factor authentication across your network to enhance your security.