What is Multi-Factor Authentication

Mankind has been using passwords for centuries for controlling access to protected locations and information. Just visualize the sentry standing at their post directed to stop any unknown enemy. Since the onset of computer systems and PC’s passwords have been promoted to protecting our personal and business data. Over the years, passwords and password encryption methods have become more complex, but so have the skills of hackers.

 

Usernames and passwords on average aren’t secure enough to protect your company’s sensitive data. Compromised passwords account for 81% of data breaches in the past few years. As we continue to transmit more and more sensitive information online, strategies we currently use to secure access to information are inadequate.  It’s time to adopt another “stop, who goes there” layer of verification.

 

Multi-factor authentication adds that layer by utilizing password validation, as well as requiring the user to validate their identity using other factors. In effect, a user now needs at least two pieces of information to access their IT resource.

 

Three different characteristics are often used as factors in the authentication process:

1. 1. Something you know: Your password, pass phrase, or PIN.
   2. Something you have: A phone, key fob, employee access card, or code generator that is in your possession that gives you a time-sensitive passcode
   3. Something you are: Utilizing facial or voice recognition, retina scan, or fingerprint scanning

 

Two-factor authentication is a subset of MFA that utilizes just two of these variables to grant access to an account. By requiring more than just your user credentials (which are commonly compromised), MFA adds an additional layer of security that makes it nearly impossible for someone to gain access to your information. A person would have to know your password and have either your phone, or be holding you captive, in order to break into your account.

 

Why use Multi-Factor Authentication?

Twenty-Five percent of employees admit to using the same password across all their accounts, at home and office, and hackers rely on this lazy practice. Should any of those accounts be compromised, a hacker can use that information to access any other account that person has setup with the same username and password.

 

The scariest part is that often employees are giving these credentials away without knowing it! Phishing is a type of social engineering that is running rampant. Users are asked to enter their credentials into a fake site for “account verification” or under some other pretense, and those credentials are being used to log into whatever sites they can get their hands on. If you’ve given up your email credentials hackers can change your logins so you can’t get back in.

 

With multi-factor authentication, even if someone learns your password, they can’t access those protected accounts without having a pin or access code.

 

How it works: