Multi-factor Authentication (MFA) is an authentication method that requires users to provide two or more verification factors in order to gain access to a resource such as an online account or an application. This means that a username and password will simply not be enough in order to login to your resources and services.
How does it work?
When you login to a service/website, you will first enter your username and password. Once this has been entered successfully, you have made it past the first stage.
This next step is where MFA kicks in. It will ask you for some further info to prove it is really you trying to log in, and not someone pretending to be you. This second piece of info will be something that would be much harder for an imposter to access or guess. This is usually something like a one-time passcode which is sent to your mobile phone.
Once satisfied with your authentication answers, the service will let you in.
What other info can MFA ask for?
Most MFA authentication methods are based on one of three types of information:
Knowledge – Something you know, such as a password or PIN.
Possession – Something you have, such as a mobile phone which can include a ‘one time pass-code’ sent to the device.
Inherence – Something that is part of you. This includes fingerprints, voice recognition, facial recognition or a retina scan.
I’m using a strong password. Do I need to use MFA?:
A username and password has always been the most common method of authentication, but in recent years it has become apparent that this is not secure enough. You may have noticed that over the years different sites and providers have started to demand more complex and lengthy passwords, as part of their authentication policy. This is to make them harder for malicious parties to guess.
Many sites which deal with finances such as online banking sites have already been using MFA for years. When you try to login to your banking app, it will ask for a security code from a text message or a fingerprint scan. As you can see, this is clearly asking for more than just a simple username and password login, and is an example of MFA at use.
Why is MFA being used more now?
Computers are being used in virtually every profession these days. Sensitive information which would have previously been stored in record books or physical folders and lockable boxes, are now being stored electronically. This means the contents of your online accounts could be extremely valuable to you and your business, and hackers know this. Adding the extra layer of security provided by MFA is enough to be the difference between your sensitive data being safe or being compromised.
With the recent surge of cloud computing, MFA has become even more vital. As organizations move their systems and data to the cloud they can no longer rely on their users being physically connected to the same network as their systems, as a security factor. This means additional layers of security are required to ensure only their trusted users can access these systems. As these users have the potential to access the company’s systems from anywhere and at any time, MFA can help ensure that these users are who they claim to be, and not suspicious ‘actors’.
Data-breaches are also becoming more frequent. Hackers have been able to gain access to thousands of username and password records from some high-profile organizations, and have then sold them on via the ‘black market’. If your details have been included in one of these data-breaches, your username and password may already be in the wrong hands, and through no fault of your own. Adding an extra layer of security via MFA could stop this login info from being used against you.
See the below short video for an example of using MFA in the work place:
With the amount of phishing emails, suspicious websites, and data-breaches that exist today, it is easier than ever for third parties to get a hold of users’ passwords. This is why an extra layer of security is vital in order to protect sensitive data. MFA is the perfect solution here, as when used correctly can make it virtually impossible for your data to fall into the wrong hands.
To learn more about the advantages of using MFA, contact Fuse Collaboration Services today.
Image Source: Unsplash