Multi-factor authentication (MFA) is a security measure that requires two or more credentials to verify someone’s identity. It can be used to create a layered defense against unauthorized access to information, accounts, or even physical locations. It may be less convenient than simply typing in your username and password, but it’s also a much safer security solution.
Why You Need MFA
You may not realize it, but you use multi-factor authentication often throughout your life. For example, if you ever pay for something using a debit card, you’ll be required to provide a personal identification number (PIN). The first step of identification is possessing the card, the second step is knowing the PIN. So if a stranger were to steal your debit card, they may have bypassed the first barrier, but your money will remain safe thanks to the second barrier.
Why Online Accounts Adopted MFA
One of the biggest problems with traditional logins that only require a username and a password is the fact that hackers can capture a password database. Capturing a password database allows hackers to verify their guesses when performing a brute force cyberattack. Even more troubling is that general-purpose graphics processing units (GPGPUs) and rainbow table have given hackers the power to crack 14-character alphanumeric passwords in about 160 seconds.
The adoption of MFA was largely driven by regulations calling for enhanced cybersecurity to protect consumers. Instead of only asking a user to supply a username and a password, accounts using MFA would now also ask for an additional authentication factor. While it isn’t a perfect solution for stopping all intrusion attempts, it is an effective countermeasure against brute force attacks.
What Are Authentication Factors?
MFA programs use authentication methods that require users to provide independent identifying factors to gain access to online accounts. This creates an extra layer of defense against intrusion attempts.
The three most common types of authentication factors are:
- Something you know: Such as a password, PIN, or answer to a security question
- Something you have: Anything you have in your possession that can verify your identity, including your driver’s license, phone, or credit card
- Something you are: Biometric authentication such as your fingerprints, voice, or retina
Other types may use information such as your location or time. The most commonly used authentication factor, however, is something you have. Two-factor authentication, also known as two-step verification, will usually have you use your mobile phone as the second authentication factor.
Smartphones and MFA
Without a doubt, the ubiquity and functionality of smartphones have made MFA easier. Smartphones allow you to receive SMS messages with a verification code to enter. Unlike a PIN, this code is different every time you login. In addition, authentication apps such as Duo Mobile and Google Authenticator have grown in popularity by eliminating some of the hassle associated with MFA.
The Weaknesses of MFA
Many of the problems that come with MFA deal with user inconvenience. The extra layer of security also adds extra steps to the verification process. Many users find the time it takes to perform this extra step to be annoying and cumbersome. Inconvenience isn’t the only issue, however, as smartphones come with their own risks. For example, a trojan could piggyback off a legitimate login that used MFA. There’s also the problem of centralizing all of your security to a single device.
Does MFA Make My Account More Secure?
A security solution that can stop all cybercrime 100% of the time is something that doesn’t exist in the real world. However, by adding more authentication factors to your account login, you make it more difficult for your account to get hacked. Think about it like the security for your car. Locking the doors and activating the alarm won’t stop all criminals from breaking into your car, but it will deter many of them from trying. If you have the option, you should always turn on MFA.
Improve Your Security With SSE
At SSE, we understand how important it is to protect your company’s sensitive information from data breaches and other incidents. That’s why we offer a number of cybersecurity solutions that can be tailored to your business needs. If you’d like to learn more about our services, give us a call today!