Multi-factor Authentication: What is it and why should I use it?

Multi-factor authentication (MFA), which includes two-factor authentication (2FA), is, according to Wikipedia, a login method that requires two or more of the following factors: knowledge (something only the user knows, like a username/password combination), possession (something only the user has, such as an app on their cell phone or a security token), inherence (something the user is, such as biometric identifiers), and location (somewhere the user is, such as only allowing the user to log in while located in the US). Typical scenarios would be logging in to a bank’s website, where you enter your username and password and the bank texts you a code that you must enter before you are allowed access to your account; or going to the ATM and putting your bank card in the machine along with your PIN.

So now that you know what MFA is, why would you want to use it? The simple answer is that a password is no longer enough to keep your accounts secure. We all have so many different accounts, and data breaches are so severe and frequent, leaving the usernames and passwords from those accounts out in the open for anyone to grab, that it doesn’t take much effort to break into an account. This is where MFA comes in. Let’s say that a malicious actor has your username and password for your bank’s website. Without MFA in place, they can log in and have full access to your account. If MFA is turned on and set up, however, they wouldn’t be able to log in without also having access to your cell phone to receive the text message code. Another example would be someone stealing your wallet with your bank card: they can go to the ATM and use your card, but without your PIN they can’t access your account.

You can get really complex with the requirements too. For example, we can lock down a system so that you need to enter your username and password, approve the login attempt through the mobile app on your phone, and be located in New Jersey for the login attempt to succeed. That may seem like overkill, but it may not be for a system that holds extremely sensitive data.

The bottom line is this: if MFA is available, you should use it.
