If you are a user of the internet or, even accessing a phone or tablet application such as mobile banking, then you have likely come across and even used, multi-factor authentication (MFA, for short).
As technology advances and we are spending more time online – this is resulting in us sharing a lot more personal information across online platforms. To make up for this higher level of detail being stored electronically, security methods are continuing to be invented and evolved, to compensate.
In order to protect your personal information, when you log into a social media website such as Facebook, or access your mobile banking app, you will be asked to go through at least one ‘authentication process’ to prove that you are indeed who you claim to be – at a basic level, this is likely going to include inputting your username and password, in order to login.
Multi-factor Authentication is a method that requires the user to provide two or more verification actions, to gain access to something.
Using MFA requires extra steps in your verification or login process. For example, using one-time passwords (OTP’s). Have you ever tried to log into something, and you have received a code to your email or mobile phone, which you have then had to paste into the application or website? This is a type of multi-factor authentication.
If two categories of authentication are used, the process is referred to as two-factor authentication or 2FA. If three are used, the method is referred to as 3FA or three-factor authentication and so on. These are both subsets of Multi-Factor Authentication.
For much of the time, MFA authentication is based on accessing one of the following sources, or additional pieces of information –
This type of information includes passwords, pin numbers, or security questions that you have previously submitted responses for, such as ‘What was your pet’s name’ or ‘Name of the street you grew up in’ You know the ones…
This includes using a mobile phone or email address, where a sign-in link is generated and sent, or a one-time password is provided. These one-time passwords are sent to something you own, such as your mobile phone – with the idea being, that only you will be able to access the generated passcode in order to log in.
User-owned information could also include more technical methods such as USBs or secure fobs.
One of the newer forms of authentication – includes methods such as fingerprint scanning, facial ID, and even voice recognition.
Around 65,000 attempts to hack small to medium-sized businesses (SMBs) occur in the UK every day, and unfortunately, around 4,500 of them are successful.
Multi-Factor Authentication will increase your personal, or business security.
If you were unfortunate enough to be on the receiving end of a cyber-attack and a hacker was able to steal your username and password, they would quickly gain unauthorized access to your home or business network. By choosing to implement MFA, hackers would need a further factor, such as a fingerprint or code, to gain the information they are looking for. Without it – access will not be granted.
Simply relying on usernames and passwords for online security can be risky, these more basic levels of authentication can be vulnerable to cyber-attacks, especially those who use ‘common’ passwords such as PASSWORD123, or ‘PASSWORD’ – if you’re reading this, and you can relate – we recommend you change your password as soon as you can. These types of passwords are easily guessed.
With the invention and growth of cloud computing, MFA is becoming more of a necessity. As more companies move systems to the cloud, more evident during recent years due to the COVID-19 pandemic and home working, businesses can not solely rely on a worker or user being physically logged into the same network, being a security factor.
MFA can help to create a more secure work environment, requesting users provide several pieces of information in order to access networks or information – a welcome safety net from the world of hackers.
If you are requiring IT support, the team at sfG Software would be delighted to discuss your requirements with you. Say hello, today.