Multi-factor authentication (“MFA”) is a method of providing an additional layer of verification to user accounts. It goes a step beyond a secure password by utilizing a secondary mode of identity verification. Essentially, MFA makes sure that the person logging into a user account actually is who they are claiming to be. Adding MFA to an account is completely free and one of the simplest things you can do right now to majorly increase the security of your user accounts. MFA is a key piece in any comprehensive security approach.
Passwords Simply Aren’t Enough
If you have an account protected with a secure password, why is it necessary to also enable MFA? The sad truth is that passwords on their own are simply not effective enough at deterring security breaches, because there are so many issues with the way that the vast majority of people create and use their passwords.
The most common password mistakes include:
- Using simple, easily guessable passwords, such as an address, a sibling’s name, birthdays, pet names, etc.
- Storing or writing passwords down in unsecure places, such as the notes app on your phone or a sticky note at your desk
- Sharing passwords with other people for various reasons, and not changing them afterwards
- Using the same password for more than one account, service, device, or application. If you use the same password for your Netflix account (which is probably shared with multiple family members and friends) as your work email account and your online banking login, that’s a problem.
- Unwittingly providing a password to cybercriminals via phishing emails or copycat sites that are created to steal your password
Consequently, passwords are compromised and stolen all of the time — your own passwords could be sitting on a list with thousands of others listed for sale to a cybercriminal.
So How Exactly Does MFA Work?
MFA adds a step to the sign-in process, which provides an additional layer of security when somebody attempts to log in to an MFA-enabled account using their password. MFA works by generating a code that is updated on a timer. Each code can last anywhere from a few seconds to a few minutes. Upon attempted log-in, this code is immediately sent to a predetermined secondary device (typically the user’s mobile device) via either a text message, an email, a phone call, or an app. The log-in screen will then prompt the user to enter the current MFA code. If the correct MFA code is not entered (or verified through the app), the person attempting to log in will be denied access to the account, even if they have the correct password.
While it can be argued that MFA adds a mild level of complexity to the process of logging in and there is a need for basic set-up and training, the amount of security that this method adds to user accounts far outweighs these small “inconveniences.”
The Major Benefits of MFA
When you spell out the process of MFA, it really is quite simple and user-friendly. It is one extra step that makes it much harder for someone else to log in to your account. Not all products/platforms support MFA quite yet, but it is our STRONG recommendation that if MFA is an option on any user account you have, you should absolutely enable it.
The benefits of MFA:
- MFA is completely FREE!
- MFA is a simple way to instantly increase the security of accounts for every user in your organization
- MFA is increasingly available on log-in systems on apps, products, and platforms
The fact of the matter is that at this point, Multi-Factor Authentication is a necessary piece of basic user security. The extra step in the log-in process, the basic set-up effort, and the minor inconveniences are far outweighed by the extra layer of security provided by MFA.
While MFA does reduce breaches at log-in, it is not a “silver bullet” that solves all of your end-user cybersecurity issues. We still must worry about voice phishing, other social engineering tricks, and physical security like a lost USB stick. Tools like MFA must be used alongside solid end-user security awareness training, the most important layer of security for all organizations. The most effective protection against security threats is continued training and awareness. Nevertheless, MFA is a simple, effective, and accessible tool for creating a more secure online environment for yourself and your team.
At Enable Technology Group, we are constantly helping clients seamlessly implement MFA and other security measures within their businesses, and we are more than happy to talk with you about what this could look like for you! For more information, email [email protected].