Are you getting a little tired of reading about all those massive data breaches happening to the big companies? Does it make you feel a bit insecure about your online accounts? Are you worried that your password may have been exposed in one of these breaches? If you answered yes to any of these questions (and you definitely should have!), we have good news for you. There is a way to make your accounts harder to hack. Granted, it isn’t as convenient as a simple password, but it’s a whole lot safer.
Multi-factor authentication (sometimes referred to as MFA or 2FA for two-factor authentication) can be implemented with some sites, applications and services to make your accounts more secure. It works by requiring two separate credentials to be given in order to prove your identity. The credentials are based on something you know (like a password or PIN), something you have (like a cell phone or smart card), or something you are (like fingerprinting or retinal scans). MFA requires you to have evidence from at least two of those different categories to log in. For example, you may need to enter a password and then enter a code that has been texted to you before you can login. In this case, you are using something you know (the password) and something you have (the cell phone). It is important to note that two evidence items from the same category do NOT constitute MFA and aren’t much more secure than a regular password. For example, requiring both a password and a PIN to log into an account is not MFA, because they are both something you know.
So how does this keep you more secure? MFA is part of a defense-in-depth strategy; in other words, it is a security control that is designed to act as a failsafe if another defense fails. It basically adds another wall a cybercriminal must break down before they can get to your account, giving you multiple layers of security. Sure, they might have your password, but if you have MFA enabled and your cell phone is still in your possession, they’re out of luck. Failing to provide both pieces of evidence correctly will block access.
Some popular services are already offering MFA support. Some of the more well-known ones include Gmail, Paypal, and Facebook. You will probably have to manually enable this option in your account on the specified website, and each is different, so check out the site’s FAQs or contact their customer service department for assistance if you need help setting up MFA. In the case of your organization, for remote logins to your internal network, you may need to contract with a service such as Duo to provide MFA options.
While MFA may seem to be an inconvenience at first, it is invaluable from a security perspective. If the news has you worried about the safety of your online accounts, don’t hesitate to look for MFA options. It might mean the difference between a hacked account and staying safe.