Multi-Factor Authentication

Understanding MFA

Keeping your personal and business accounts secure is more important than ever.  Whether logging into a website or a server, take these steps to ensure your accounts are protected.

Multi-Factor Authentication“Doing what’s expected of you can make you good, but it’s the time you spend going above and beyond what’s required that makes you great!”

~ Josh S. Hinds


The Full Scoop

We have so many accounts to remember, between personal and work, it’s not uncommon to have hundreds of accounts to manage. Password managers can help, as it is a real challenge to remember so many different logins. Not to mention getting into the habit of frequently changing your passwords.

As we discuss account security, it is important to understand the Three Factors of Authentication. These are the primary ways systems can identify who you are; they are as followed:

  1. Username and Password
  2. Biometric logins
  3. Tokens, keys, and OTP

The Multi-Factor Authentication Explained

First, something you know would be your username and password. In reality, your username should not be something you’re sharing with others any more than you would share a password. Your password is the “secret sauce” of cyber security, we have all be warned to make and keep unique complex passwords and to change them frequently. Until we can get rid of the password through innovative password-less technologies such as those provided by Identite; you’re going to have to keep working hard to keep your password secure!

Second, something you are is biometric; things like fingerprints, facial recognition, and retina scans. If you use a smartphone you are well acquainted with these forms of authentication. They uniquely identify you and do not require you to remember to know or have something. They are fairly convenient ways of logging into something fast.

Lastly, you have would have a token or key, physically available to you. Consider a key you use to unlock a door, or in the case of Information Technology, a code that appears on a hardware or software device that frequently changes. With this in mind, a popular approach used by many websites in implementing this technology is to send someone a text message when logging in; with a unique one-time passcode (OTP).

Other types of Authentication

On your personnel accounts, such as those used for banking, do yourself a great favor and enable the enhanced security options available to you; at a minimum, these typically include 2FA (dual-factor authentication), which sends you an OTP via text message to use after logging into your online accounts.

For those with IT infrastructure and hardware, be sure to use 2FA authentication on any administrative accounts, while logging into servers or cloud-hosted services (e.g. Microsoft 365). Those in the IT space are targets for hackers and you need to take extra care.

Overall, by taking the additional step to add MFA and 2FA security to your accounts, you will decrease the likelihood of having a cyber security incident and give yourself added peace of mind. These steps can often be taken without a lot of risks or spent time, speak to your IT Provider today to understand how you can make Multi-Factor Authentication work for you. It will be worth the extra effort!