When you add layers of authentication, you add layers of security to your accounts, data, and systems.
Authentication, in a security context, is about verifying your identity. And you authenticate on a regular basis: When you log into accounts and systems, the information you provide is intended to confirm your status as an authorized user. The problem with single-point authentication (Like passwords and PINs) is that it’s also a single point of failure. If a password is the only safeguard in place, and that password is compromised; well, everything is compromised.
Multi-factor authentication (MFA) also commonly referred to as two-factor authentication (2FA) has gained steam over the past several years. Technology advancements have made it relatively simple to implement MFA for key accounts, data repositories, and cloud-based systems. But there is another driving force behind MFA adoption: Password theft and successful credential compromise attacks have skyrocketed.
MFA enhances security by requiring two or more pieces of information—that is, multiple factors—during the authentication process. There are three key factors in MFA:
- Something you know, like a password, PIN, or passphrase
- Something you have, like a real-time, unique verification code. These authentication codes are usually generated by a mobile app or security token, or they are delivered to you via a text message.
- Something you are, at a biometric level, like a fingerprint, iris scan, or voice pattern.
When it is an option, always opt for MFA. In some cases, MFA is not optional. Organizations often require employees to provide multiple forms of authentication for assets like virtual private networks (VPNs) and cloud-based systems.
But in other cases, the choice is yours. Many websites and applications have implemented MFA—but it’s up to you to enable it. Here are three reasons you should always take advantage of MFA when it is offered:
- It is easy to add – Yes, you must take an action to enable MFA for your logins. But the process is not difficult. Sites and applications generally provide simple, step-by step instructions and clearly explain when to expect an MFA prompt, and how to complete a login.
- It is easy to use – As noted, there are multiple ways an organization might implement MFA. But regardless of the technology behind the additional authentication factor(s), MFA adds just a few seconds to your login process. (And the extra seconds are worth it.)
- It’s far more secure than a password alone – Cybercriminals have access to billions of stolen usernames and passwords on underground forums. So, what if the only thing standing between a criminal and your data, finances, and files is a compromised password? MFA helps to limit the damage that can be done if a threat actor steals (or buys) account credentials.
60 seconds to better security: What is Multi-Factor Authentication? – Watch video.
Attack Spotlight: MFA Fatigue Attacks – Watch video.
Do not take the risk, implement multi-factor authentication in your accounts NOW!
We are here to help!
