Multi-Factor Authentication

Understanding MFA

Keeping your personal and business accounts secure is more important than ever.  Whether logging into a website or a server, take these steps to ensure your accounts are protected.

Multi-Factor Authentication

"Doing what's expected of you can make you good, but it's the time you spend going above and beyond what's required that makes you great!"

~ Josh S. Hinds

The Full Scoop

We have so many accounts to remember, between your personal logons and work accounts, it is not uncommon to have hundreds of accounts to manage.  While password managers can help, it is a real challenge to remember so many different logins and to get into the habit of frequently changing your passwords.

As we discuss account security, it is important to understand the Three Factors of Authentication.  These are the primary ways systems can identify who you are; they are outlined as,

  1. Something you know
  2. Something you are
  3. Something you have

Something you know would be your username and password.  In reality, your username should not be something you are sharing with others anymore than you would share a password.  Your password has long been considered the "secret sauce" of cyber security, we have all be warned to make and keep unique complex passwords and to change them frequently.  Until we can get rid of the password through innovation password-less technologies such as those provided by opens in a new windowIdentite; you're going to have to keep working hard to keep your password secure!

Something you are is a biometric; fingerprints, facial recognition, and retina scans.  If you use a smartphone you are well acquainted with these forms of authentication.  They uniquely identify you and do not require you to remember to know or have something.

Something you have would be a token or key, physically available to you.  Consider a key you use to unlock a door, or in the case of Information Technology, a code that appears on a hardware or software device that frequently changes.  A popular approach used by many websites in implementing this technology, is to send someone a text message when logging in; with a unique one-time passcode (OTP).

Multi-Factor Authentication means your system is using two or more of the aforementioned techniques to securely log in users.  This reduces the likelihood of your account being compromised, due to a - for example - stolen username and password.  While it may feel like a little bit of extra work, the benefits greatly outweigh the inconvenience.

On your personnel accounts, such as those used for banking, do yourself a great favor and enable the enhanced security options available to you; at a minimum these typically include 2FA (dual-factor authentication), which sends you a OTP via text message to use after logging into your online accounts.

For those with IT infrastructure and hardware, be sure to use 2FA authentication on any administrative accounts, while logging into servers or cloud hosted services (e.g. Microsoft 365).  Those in the IT space are targets for hackers and you need to take extra care.

By taking the additional step to add MFA and 2FA security to your accounts, you will decrease the likelihood of having an cyber security incident and give yourself added peace of mind.  These steps can often be taken without a lot of risk or spent time, speak to your IT Provider today to understand how you can make Multi-Factor Authentication work for you.  It will be worth the extra effort!