It’s Cybersecurity Awareness Month, and this week we’re talking about the importance of multi-factor authentication (MFA). You may have heard this phrase used in the context of identity and access management – using multi-factor authentication can help secure your accounts from hackers and prevent unauthorized logins.
But how does MFA work, and what does it do? Why is it such an important tool in every cybersecurity arsenal? We’ll answer those questions and more.
What is Multi-Factor Authentication (MFA)?
MFA requires a user to pass multiple different types of identity verification to gain access to a system, account, or application, typically on top of the standard username and password. If you’ve ever been required to type in a code that was texted to you, or needed to log into an app like Google Authenticator to unlock an account, you’ve engaged with MFA before.
Two-factor authentication (2FA) is a variety of multi-factor authentication that specifically uses two types of identity authentication for login. Unlike 2FA, however, MFA can include additional authentication factors. Some particularly secure accounts may require three or more.
The specifics of these different types of identity verification vary, but they can be grouped under three umbrellas:
Something You Know
This type of verification is knowledge-based and typically something you must remember, such as a username and password, a PIN, or the answer to a security question like your childhood pet’s name.
Something You Have
This is something you keep in your possession, such as a security card, a phone, a key, or another handheld token – anything you might have to physically swipe, insert, or use. The gold standard for these tokens is anything FIDO® Certified: these tokens use standard public key cryptography techniques, making them highly resistant to phishing attempts.
Something You Are
This involves biometric data, such as facial recognition, fingerprints, iris scans, and voice analysis – something another person could not replicate!
Why is MFA Important?
Large-scale data breaches are fairly commonplace, and your password may be easily accessible to a plethora of cyber criminals intent on stealing your personal data, money, or identity, so having more barriers to entry for your accounts is highly important. The harder it is to break into your accounts, the harder it is for a criminal to gain access. Pairing something you know (username and password) with something a threat actor would need to physically steal (phone) makes it less likely they would even try.
Though a strong password, as we discussed in last week’s blog, is a great first line of defense against malicious actors on the internet, it’s not always enough to deter hackers. But a strong password in combination with MFA – now that’s some next-level, easy-to-implement security for your important personal details!
Although MFA is becoming more and more commonplace, it’s not available for every account, application, or website. We encourage organizations and individuals alike to make MFA mandatory as a best practice. Implementing MFA both in the workplace and at home can keep your data safer and save you from the headache of a compromised account. Even just a simple extra step like a PIN or one-time password can become the safety net you need to keep your data secure from danger. Always check before signing up for a new account to see if the website or application you’re logging into supports MFA.
For a handy reminder of the importance of MFA, check out the one-pager our Critical SaaS Special Interest Group (CSaaS SIG) put together on the topic. And remember to check back next week for the third blog post in our Cybersecurity Awareness Month series!