Since our previous post centred on proper password security practice, the next step is to go over multi-factor authentication (MFA/2FA) and how this security feature complements your newfound great password habits.
This seemingly simple solution protects sensitive accounts better than even the most complex passwords, but what really is MFA and how does it work?
What is MFA?
Multi-factor authentication is a crucial tool in the battle against identity theft and malicious actors. After you enter a password, MFA can add multiple factors (usually a second factor) to the login process in accessing company resources (e.g., your work portal, applications etc.).
Factors can be split up into three main categories:
- Inherence (something you are): these are unique characteristics attributable to you, such as a retinal imprint, fingerprint, face picture or even speech. These are widely considered to be the most secure factor but come with their own privacy concerns.
- Knowledge (something you know): meaning a thing that only you know. For example, this could be a password, facts about your personal life, family history and much more. This is the more common factor in online identification but the easiest to spoof.
- Possession (something you have): for instance, a certified document you hold such as a passport or birth certificate. In terms of MFA, the use of encrypted token generation through a key is becoming increasingly popular.
How does it work?
Typically, MFA combines a password (i.e., something you know) with a generated token (i.e., something you have). These tokens are generated in applications such as Google Authenticator or Microsoft Authenticator, but they’re also available via text message (less secure).
To access these applications, you must also confirm your identity through biometrics (i.e., something you are). Combining these factors is considered very secure as it’s extremely difficult and costly to attempt impersonating them.
Why is this needed?
Relying on a single password to access company data just simply is not secure enough, even if your password is complex. Users often have one password for multiple accounts. One compromised account may be all a malicious actor needs to cause irreparable damage.
Here are some alarming statistics:
- 95% of cybersecurity breaches are caused by human error
- “123456” and “password” are among the most common password choices in 2021
- 62% of people share passwords via SMS and email
- 99.9% of attacks are blocked by multi-factor authentication
Implementing multi-factor authentication will greatly reduce the likelihood of a successful breach, but as always, the more security becomes a culture within your organisation the better.
What else is there?
Experiment with security awareness training programs to teach your employees better password hygiene, how to identify breaching attempts, and physical workplace security.
If you’re interested in learning more about MFA, how to implement it in your business effectively or ensuring your employees are trained in best security practices, get in touch with Evisent today for a free consultation.