A complex and long password full of random numbers or letters used to be considered the height of cybersecurity – but even the strongest password isn’t much use if someone else tricks you into revealing it. The purpose of password security isn’t to test your brain’s ability to remember a collection of obscure symbols; it’s to validate your identity as the correct owner of the account. To this end, Multi Factor Authentication (MFA) is a far superior way of proving that you are who you say you are.
Ensuring that all our customers have the correct cybersecurity practices in place is a key part of our managed IT services. New York businesses suffer more cyberattacks than anywhere else in the world, so it’s important to take all the steps you can to prevent a security breach.
What Is Multi Factor Authentication?
Multi Factor Authentication (MFA) is also known as Two Factor Authentication (2FA). It refers to the process of using more than one piece of information to secure access to an account. Whereas traditionally your access to an account would consist of a username and password, MFA would require you to also supply an additional piece of information.
The most common methods to use for MFA are as follows:
- A code generated by an app
Several dedicated apps are designed for this purpose and are compatible with most accounts that permit MFA. The Microsoft Authenticator, the Google Authenticator, and Authy are all examples of MFA apps. When a user chooses to activate MFA, they install one of the authenticator apps, scan the QR code generated by the service they’re accessing, and from then on will be able to enter a newly generated 6-digit code every time they log in from a new device. Assuming, like most people, you have your phone with you at all times, this is a useful method and is the one which we recommend to our clients.
- A code delivered by SMS
This is similar to the above method but instead of using an app on your phone, the code is delivered to you via an SMS message. For security reasons, this method is not recommended for businesses as there is a higher risk from security threats like SIM swap attacks. Also, as some phones allow you to read messages on the lock screen, an attacker who stole your phone may still be able to use the MFA code without having to unlock it.
- A physical device like a USB key
This method is much rarer and is more commonly used to secure physical devices or single installations of software rather than to secure access to online services. A physical device like a USB key or a Bluetooth device must be connected to your machine at the same time as you are attempting to gain access. The benefits and downsides of this method are similar to those of a physical house or car key, namely, it is very secure and unique, but if you lose the key you will have to wait for a replacement to arrive before you can regain access to your device or software.
Why Is Multi Factor Authentication More Secure?
Multi-factor authentication significantly improves the security of any system it protects. This is because, even if an attacker knew your login and password, they would be unable to obtain access to your account so long as you had MFA active. They’d need your login details, as well as physical access to your phone, in order to obtain access.
MFA codes are virtually always time-sensitive, and they will expire in a few minutes. Therefore, a hacker would not only require physical access to your device, but they would also require it at the exact time they attempted to gain access to your account.
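The app-generated, time-limited codes described above can be sketched in a few lines. This is an added example, not code from the original article or from any of the apps it names; it assumes the apps follow the TOTP algorithm of RFC 6238 with its default 30-second step and SHA-1, and it uses the RFC's published test key as a constructed sample secret. The names `totp`, `verify`, `window` and `last_used_step` belong to this example only.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds each code is valid for (RFC 6238 default; assumed here)
DIGITS = 6   # matches the 6-digit codes the article describes

# Constructed sample: the RFC 6238 test key, base32-encoded the way it would
# be carried inside the QR code scanned at enrolment.
SECRET = base64.b32encode(b"12345678901234567890").decode()

def totp(secret_b32: str, unix_time: int) -> str:
    """Derive the code for the time step that contains unix_time."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", unix_time // STEP)        # 8-byte step number
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                            # dynamic truncation
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify(secret_b32, submitted, now, window=1, last_used_step=None):
    """Server-side check. Returns the matching time step, or None.

    window         - steps of clock drift tolerated on each side of 'now'
    last_used_step - newest step already accepted; blocks replay of a code
    """
    current = now // STEP
    for step in range(current - window, current + window + 1):
        if last_used_step is not None and step <= last_used_step:
            continue                                      # already consumed
        expected = totp(secret_b32, step * STEP)
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return step
    return None

if __name__ == "__main__":
    code = totp(SECRET, 1111111109)
    print("code shown by the app:", code)
    print("accepted two seconds later (drift window 1):",
          verify(SECRET, code, 1111111111))
    print("rejected once its step has passed (window 0):",
          verify(SECRET, code, 1111111111, window=0))
    print("rejected on replay:",
          verify(SECRET, code, 1111111109, last_used_step=37037036))
```

The server should store the step returned by `verify` and pass it back as `last_used_step` on the next login, so a code observed by an attacker cannot be submitted a second time inside the drift window.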
Need More Cybersecurity Help?
We hope this has been a useful overview of the different types of multi factor authentication and of the efficacy of MFA in general. At Carden IT Services, in addition to providing remote IT support services, managed cloud services, and disaster recovery services, we’re always happy to share cybersecurity tips like these. If you are interested in increasing the security of your business and its data, speak to our cybersecurity team today.