What is Multi-Factor Authentication (MFA)?| September 16, 2020
It’s interesting that you already use Multi-Factor Authentication every time you use your debit card. In this case, you have two means to verify that you have the right to access your bank account via both your PIN and the card itself.
Basically, Multi-Factor Authentication provides an extra layer of security that we all need to protect ourselves from cyberattacks.
Just as with your debit card, for MFA to work when accessing any account, you need at least two credentials or pieces of evidence to prove that you are who you say you are. For example, in addition to a password or PIN to log into any account or device, you should have a fingerprint scan or other means of identification.
Why is Multi-Factor Authentication Important?
Cybercriminals may steal your PIN or password, but they have a much more difficult time robbing you of that second (or more) means of protection that MFA provides.
The proof that MFA works has been statistically validated: “By providing an extra barrier and layer of security that makes it incredibly difficult for attackers to get past, MFA can block over 99.9 percent of account compromise attacks. With MFA, knowing or cracking the password won’t be enough to gain access.” (SANS Software Security Institute).
Best of all, the National Institute of Standards and Technology reports that, “Multi-Factor Authentication (MFA) can help prevent some of the most common and successful types of cyberattacks, including:
- Spear Phishing
- Credential stuffing
- Brute force and reverse brute force attacks
- Man-in-the-middle (MITM) attacks.”
One-way hackers can infiltrate your devices is through malware. These systems were installed on your computer, phone or other device without your full knowledge and some can capture your every keystroke. This way, cybercriminals learn what you type in as your password. Much like a criminal looking over your shoulder to learn your PIN. So, if they can steal your password or PIN that easily, having two passwords, doesn’t solve the problem. In addition, research by TeleSign shows that, “54% of consumers use five or fewer passwords for all of their accounts [which can] create a “domino effect” that allows hackers to take down multiple accounts just by cracking one password.” In other words, not only can passwords be hacked, we enable it further by limiting our use of passwords. Fortunately, correctly implemented MFA is where we can protect ourselves from both cybercriminals and our own tendencies when using passwords.
What Choices of Multi-Factor Authentication are There?
There are three main categories of identification that can be used for MFA:
- Something You Know – These are what we already typically use, passwords, PINs, and security questions you know such as your mother’s maiden name, your first car, etc.
- Something You Have – These can include things such as a smartcard, a driver’s license, a means provided by IT, and so forth.
- Something You Are – Also known as biometrics, this includes fingerprint swipes, retinal scans, and voice and facial recognition. Those means of identification that clearly verifies that you’re you.
Implementing Multi–Factor Authentication
There are certain elements that people can do themselves to use MFA to protect their devices and access to their personal accounts, such as Facebook settings and their own personal banking. But when it comes to the business accounts and network logins, you need the help and experience of cybersecurity experts. Specifically, the help and experience of a managed IT service provider that can implement the type of MFA that is right for you, your business, and your employees.
In our latest eBook, we explain everything you need to know about MFA and how you can adopt this necessary security measure into your own business. Download our eBook here.