Multi-factor Authentication (MFA) increases account security and decreases identity theft
Multi-Factor Authentication, or MFA, is an authentication method in which the user or accessor is required to provide two or more verification factors in order to gain access to a particular online account, mobile/web application, or VPN (Virtual Private Network). MFA makes the login process for the user more “secure” by requiring a second form of verification aside from the normal username and password credentials, which significantly decreases the chances of a successful cyberattack or account hack. For instance, suppose a hacker gained access to your account's username and password information and attempted a login. With MFA enabled, a verification code may be sent to your email or mobile device for additional identity confirmation, which the hacker would not have access to.
Why is MFA Important?
The primary reason MFA is so important is that it increases your organization's security by requiring users to identify themselves with more than just a username and password. Usernames and passwords are important as well, but they are vulnerable to brute force attacks and can be stolen by third parties using phishing attacks.
How Does MFA Work?
MFA works by requiring secondary verification information, or factors. One of the most common MFA factors that users encounter is the one-time password (OTP). OTPs are those 4-8 digit codes that you often receive via email, SMS or some sort of mobile app. With OTPs, a new code is generated periodically or each time an authentication request is submitted. The code is generated from a seed value that is assigned to the user when they first register and some other factor, which could simply be a counter that is incremented or a time value.
Main Types of MFA Authentication Methods
Most MFA authentication methodology is based on one of three types of additional information:
· Things you know (knowledge), such as a password or PIN
· Things you have (possession), such as a badge or smartphone
· Things you are (inherence), such as a biometric like fingerprints or voice recognition
MFA Examples
Examples of Multi-Factor Authentication include using a combination of these elements to authenticate:
KNOWLEDGE
· Answers to security questions
· Password
· OTPs (can be both Knowledge and Possession: you know the OTP, and you have to have something in your possession to get it, like your phone)
POSSESSION
· OTPs generated by smartphone apps
· OTPs sent via text or email
· Access badges, USB devices, Smart Cards or fobs or security keys
· Software tokens and certificates
INHERENCE
· Fingerprints, facial recognition, voice, retina or iris scanning or other Biometrics
· Behavioral analysis
MFA for Office 365
Many cloud-based systems, like AWS or Microsoft’s Office 365 product, provide their own MFA offerings. Office 365 by default uses Azure Active Directory (AD) as its authentication system. Additionally, many iOS products and more and more applications are giving users the option to set up MFA to increase their account's or device’s security as we gravitate towards a more wirelessly connected society. We must stay vigilant, and it is up to us to ensure that our information and data are safe and secure, because data breaches and identity theft will continue to be a problem now and into the future.