A cyberattack occurs every 39 seconds. With such a constant threat, it's essential to protect insecure usernames and passwords.
Multi-factor authentication provides an extra layer of security that goes above and beyond a password.
Our mini guide tells you everything you need to know about multi-factor authentication and why you should be using it.
What is multi-factor authentication?
Multi-factor authentication (MFA) is a method of logging in to accounts using more than one method of authentication. Where traditionally we would log in to most online services with just a password, MFA requires you to provide more information or take an action, such as entering a code sent to your phone or scanning your fingerprint.
Having multiple factors of authentication means that if one factor was compromised - for example, if your password was hacked - an attacker wouldn't automatically be able to access your account as they would still need access to the extra factors.
How does multi-factor authentication work?
The factors of authentication are split into 3 different groups. Multi-factor authentication usually requires something from two of the following categories:
Something you know
This is the most common form of authentication and consists of passwords, PIN codes and memorable words. Banks have been using more than one of these forms of authentication for a long time.
On their own, they offer a good level of security but when using MFA you shouldn't only use factors from this group. These types of authentication can all be discovered or stolen.
Something you have
These are physical objects that can be used for additional authentication. The most popular is a code sent to your mobile phone. Other examples include key fobs and smart cards.
The chances of your password being hacked and your phone being stolen by the same person are extremely low. Cash machines use a bank card and a PIN as MFA. Someone can gain access to your PIN but if they don't have your card they can't withdraw money (and vice versa).
By picking a factor from this group and the 'something you know' group, you are greatly increasing the security of your accounts.
Something you are
This refers to something that biologically identifies you, which a hacker wouldn't be able to replicate. For example, you may log in using your smart device's fingerprint scanner or facial recognition.
What is two-factor authentication?
Two-factor authentication is a common form of MFA where only two types of authentication are required. Multi-factor authentication is an umbrella term for anything requiring two or more types.
Why you should use multi-factor authentication
The majority of cyberattacks are due to stolen credentials. Using the same password (or slight variations of it) on multiple accounts can put you at risk. If one of those accounts is breached, then the hackers will know your password. If that password is used on all your other accounts, they can gain access to them all just from one breach.
Because MFA requires at least one more form of authentication, it is much harder for criminals to gain access to your accounts, even if they get hold of your password.
When to use multi-factor authentication
If you are using passwords or something similar like PIN codes to secure an account, you should be using MFA as well. Even if you are using a password manager, the additional security MFA offers makes it very difficult for someone to gain access to your account.
Inside a business, MFA is even more important. There are countless examples where a password can be compromised. How many times has a password been sent in an email or text message, or, even worse, written on a post-it note stuck to a monitor?
The installation of multi-factor authentication to online services within your business might require your IT helpdesk. We have worked with many of our clients already to set up MFA for their services.
There are other factors to consider once MFA has been set up within your business. You will need to consider how your account reset and multi-factor token replacement processes verify that the user is who they say they are. You will also need to know how administrators can gain access to a service if MFA becomes unavailable for any reason.
How to put multi-factor authentication in place
There are many multi-factor authentication services available. Here at Concise, we have a dedicated Cyber Security team that can support you to put MFA in place so that you and your employees can rest assured your accounts are protected. We have also teamed up with Keeper Security to offer a leading password management service that helps prevent data breaches and cyberattacks.
To find out more about our cyber security services, please don't hesitate to get in touch.
- Multi-factor authentication is simple to set up and could be the difference between whether your accounts and personal information are compromised or not.
- Many leading platforms and service providers are making the move towards enforced multi-factor authentication.
- Business solutions such as Microsoft Azure, HubSpot and Sage have the capacity for company-wide MFA enforcement to protect your business and employees.