What is multifactor authentication, and why do you need it?

What is multifactor authentication, and why do you need it?

The conventional way of logging in to an account is to enter a username and password. Unfortunately, there are many problems with this approach. Not only have many people developed bad password habits that are hard to break, but cybercriminals often dupe victims into unwittingly disclosing their credentials. People using one set of login details leave themselves open to even greater risk, potentially creating a “domino effect” if one of their accounts is compromised. Fortunately, multifactor authentication (MFA) provides a user-friendly way to greatly improve the security of your accounts.

What is MFA?

MFA is the method for accessing a system using two or more steps to verify your identity. Perhaps the most common example of MFA in action is when you withdraw money from an ATM. The first step is to enter the card, an object that’s in your possession, before entering a PIN code, which (hopefully) only you would know. You’ve probably also used it online, such as when you logged in to an internet banking account and received a single-use numeric SMS code from the bank.

Why you do need MFA?

Technology is far more resilient than it used to be. Provided you keep your systems up to date and have a dependable way of enforcing your information security policies, it should be extremely difficult for hackers to break into your systems. That’s why they tend to rely on the weakest link instead: the account holders. For example, attackers will go after login credentials by setting up fake login pages of legitimate companies.

Social engineering scammers often go after things you know by building up trust. But MFA combines something you know (such as a username and password) with something you have or are. For example, a scammer might steal your username and password, but they will still be locked out of your account if the real login dialog box also asks for a single-use security token. It also expires quickly, making it less susceptible to brute force attacks. These security tokens are often based on device and geolocation as well, so even if an attacker does get their hands on it, it shouldn’t work if they’re far away from you.

What about biometrics?

The third most commonly used authentication factor is something you are; in other words, an inherent trait that’s completely unique to you. These include biometric identifiers such as fingerprints, retinal scans, and facial scans. In recent years, they’ve become increasingly popular in a lot of consumer-grade systems such as high-end smartphones. However, there is a serious limitation to biometrics. If the biometric data is somehow compromised, you can’t exactly change that trait about yourself. That means you’ll never be able to use it again.

What’s best for your business?

While there’s no such thing as a completely secure system, applying the right combination of verification methods will go a long way toward keeping your business accounts safe. This is especially important now that the workforce has become increasingly mobile, and employees are routinely logging in to business systems from home and elsewhere. You should enforce the use of MFA whenever possible, particularly when it comes to your most sensitive data, such as systems that store personally identifiable or payment information.

Tech Squared provides services and solutions which reduce stress and add value throughout your company. Call us today to find out how.


If you're struggling to put together a comprehensive network security plan, our FREE eBook is an excellent guide.Click!
+