Multifactor Authentication

Cybersecurity comes with a lot of terms that many people may not understand, such as cryptojacking, spear phishing, social engineering, and multi-factor authentication. To help users better understand some of these terms, here is a quick primer on multi-factor authentication (MFA).

What is multi-factor authentication?

The easiest way to distill the concept of MFA: it combines something you know (your password) with something you have (your phone, an authenticator app, or a hardware token) to secure your account. To gain access to an online account, you have to get through multiple layers of authentication. This makes your account more secure because it is harder to get into and thus less vulnerable to password cracking attacks.

How is multi-factor authentication different from two-factor authentication?

It should be noted that there is a difference between two-factor authentication (2FA) and multi-factor authentication. The former means that there are only two ways to confirm you are who you say you are (e.g. password and a text). The latter means that there are more than two ways to confirm you are who you say you are (e.g. password and text and hardware token or biometric scan).

Weak vs. strong types of MFA

To muddy things even further, there are actually weak forms of MFA. Here is the golden rule when it comes to choosing an MFA type, as advised by the National Institute of Standards and Technology (NIST): SMS is the weakest type of MFA, so only use it as a last resort when no other MFA option is available. From weakest to strongest, the MFA options are: SMS, phone call, e-mail, authenticator app (e.g. Google Authenticator), hardware token (e.g. YubiKey), biometric (e.g. fingerprint).

The strongest types of multi-factor authentication are biometrics, hardware tokens or authenticator apps.

Yes, MFA is worth the effort!

Although it may seem like a lot of work to add MFA to an account, the benefits far outweigh any inconveniences. In recent data breaches such as Marriott Hotels, Facebook, and Under Armour, malicious attackers took the information from the breaches and used the passwords to get into other user accounts (e.g. banking, social media, e-mail), because many people reused passwords. If those user accounts had MFA enabled, it would have been much harder for an attacker to gain access to the accounts.

With all of the news about corporate data breaches and hackers, it can be daunting to try to protect your online accounts. However, adding MFA to all your accounts is one easy thing you can do to ensure they are as secure as possible and less prone to being compromised by an attacker.

