What is Multifactor Authentication(MFA)?
By Kimberly Connella | August 15, 2019 | 0 Comments
What is Multifactor Authentication (MFA)?
MFA is a security feature that verifies our identities when we log in to our devices, accounts, and networks.
As the cyber-connected world has evolved, the way we authenticate our digital identities has along with it.
Authentication is an essential element of any security model. In the past, authentication was a simple process. Users provided a password, fingerprint, digital certificate, etc. to prove their identities. However, as we store more personal and financial data on our devices, the methods we use to protect it must become more sophisticated.
Multifactor authentication (MFA) requires two or more methods of authentication from those listed above.
It requires something you know (password, pin or security question), something you have (smartphone, smart card), or something you are (fingerprint, facial scan, voice recognition).
MFA is one of the most secure ways to protect your organization, but it also adds another level of complexity to end-users, and therefore, might be frustrating at first.
How does MFA protect your business?
65% of individuals use the same passwords for everything. In 2019 hundreds of millions of users had their personal identifying information (PII) compromised after massive data breaches. Your employees’ credentials could already be for sale online—which compromises the entire network and organization.
80% of all cyber attacks involve a weak or stolen password. Check out some of the signs of a weak password here.
However, MFA mitigates some of the risks. If employee login credentials are hacked or stolen it provides another layer of defense.
Lately, the use of biometric data: fingerprints, facial scans, voice recognition is an increasingly preferred method of MFA. It removes some of the frustration for end-users by resolving tedious issues that arise if your smartphone isn’t charged or you don’t have it on you. It also mitigates the myriad of other risks that come with smartphones.
MFA significantly reduces the risk of hackers infiltrating your device or network.
MFA benefits and shortcomings
One of the most attractive benefits of MFA other than the security it brings is its affordability. Microsoft and Google offer tools for $1-6 per month per user.
There are also free tools online like the Google Authenticator, that provides more security than the typical one-time passcodes sent through SMS. SMS is unencrypted. Therefore if your one-time passcode is sent via SMS, determined hackers can access your account.
Google Authenticator app alleviates this risk.
However, there are additional shortcomings to MFA—and it’s important to understand that while it greatly enhances the security of your business, it’s not bulletproof.
MFA is an essential part of a security plan, not the entire plan. In all cases, it should be an element of a greater security model.
Multifactor Authentication isn’t unhackable
Unfortunately, there is no such thing as “unhackable”. Especially to hackers with sophisticated tools and technology.
Infamous hacker, Kevin Mitnick, goes over 3 ways to hack MFA in a webinar.
- Reproduction/ Guessing the session code with tools, technology, and algorithms.
- Theft of access token at the endpoint.
- Theft of access token through the network communication channel.
Additionally, the MFA is rendered useless if a device or network is already infected with malware. That’s why it’s important to schedule routine vulnerability scans that make sure your systems are secure, in addition to MFA.
Your cyber security system should be a dynamic structure. It should incorporate many moving parts and established practices to keep your system secure.
Read over the 7 cyber security protections we recommend for every business.
Finally, if you want to see where your company is vulnerable to cyber attacks, take our free security assessment. Start the conversation about protecting your business.