What is MFA? (And why should I turn it on?)
Account hacking is on the rise again….but MFA can help!
But along with a strong password, there’s another simple step you can take to protect your accounts and information from potential hacking.
So what is MFA – and is it worth all of the additional effort?
Cyber criminals will spend their lives trying to steal information – and as technology has advanced, so has the hacking methods.
To try and combat hacking attempts, the technology used to try and keep hackers out has also had to advance and develop more secure ways to ensure it’s definitely you who is trying to log in.
WHAT IS MFA?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to an account.
Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack.
Just using a username and password means your account could be left vulnerable to brute force attacks.
A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys.
Enforcing the use of an MFA factor like a thumbprint or physical hardware key means increased confidence that your information will stay safe from cyber criminals
OPTIONS
So what kind of MFA options are there?
Most MFA authentication methodology is based on one of three types of additional information:
- Things you know (knowledge), such as a password or PIN
- Things you have (possession), such as a smartphone
- Things you are (inherence), such as a biometric like fingerprints or voice recognition
THE KNOWLEDGE FACTOR
Knowledge-based authentication typically requires the user to answer a personal security question. Knowledge factor technologies generally include passwords, four-digit personal identification numbers (PINs) and one-time passwords (OTPs). Typical user scenarios include the following:
- swiping a debit card and entering a PIN at the supermarket
- providing information, such as mother’s maiden name or previous address, to gain system access.
THE POSSESSION FACTOR
Probably the most common method of MFA, users must have something specific in their possession in order to log in, such as a badge, token, key fob or phone SIM card. For mobile authentication, a smartphone often provides the possession factor in conjunction with an OTP app.
One of the most common MFA factors that users encounter are one time passcodes. OTPs are those 4-8 digit codes that you often receive via email, SMS or some sort of mobile app. With OTPs a new code is generated periodically or each time an authentication request is submitted.
One Time Passcodes have recently become standard amongst banks, you might now find that you can’t make an online payment without your mobile device handy!
THE INHERENCE FACTOR
Any biological traits the user has that are confirmed for login – most commonly, using your fingerprint to access or authorise a smartphone.
Inherence factors authenticate access credentials based on factors that are unique to the user. These include fingerprints, thumbprints, and palm or handprints. Voice and facial recognition and retina or iris scans are also types of inherent authentication factors.
Location is often a factor too.
Ever receive an email asking if you’ve just logged in? When you log into an account on an unknown device, such as your work PC or in an unusual location, it’s now quite common to receive a head’s up from the website to double check if it was you.
SO SHOULD YOU USE MFA?
Well, if you’re able to – yes! Especially when it comes to anything financial. We see all to regularly, email addresses which are hacked, and Facebook accounts which are lost forever. Once hacked, the cyber criminals will often change the information on your account – so you’re unable to match any of your details to confirm your account was ever yours.
MFA helps protect you by adding an additional layer of security, making it harder for bad guys to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone. You would definitely notice if your phone went missing, so you’d report it before a thief could use it to log in.
Stopping all online crime is not a realistic goal, but simple steps can massively reduce the likelihood you’ll be the next victim. You should use MFA whenever possible, especially when it comes to your most sensitive data—like your primary email, your financial accounts, and your health records.
MFA is not always activated as standard, so it’s always worth checking to see if it’s an option which can be turned on. The additional effort needed to log in is likely to be much less than what’s needed to try and recover your accounts!
