Multi-Factor Authentication (MFA) is a simple way to improve your information security both personally and professionally. MFA utilizes the principle that authentication requires at least two methods of verifying your identity for access; typically, this is something you know (such as a password) and something you have (such as a secure code sent to your smartphone).
Many companies such as financial institutions and social media sites have offered their customers some form of MFA for years and if you haven’t enabled this, you should seriously consider it. The main reason to do so is that if someone obtains your password for a website or application and tries to gain access, their access will be prevented because the MFA code will be sent to you and not to them.
To utilize MFA, you’ll need a smartphone with text messaging or an authentication application such as Google or Microsoft Authenticator. Some websites will also call an authorized phone number with the MFA code if you prefer a good old telephone call. The one method of MFA you may want to avoid is receiving the MFA code over e-mail since e-mail isn’t a secure medium for information exchange. That said, if that’s the only choice for MFA then it’s better than not using MFA.
To get started with MFA, check the security settings for the websites and applications that you use to see if they offer MFA. It may also be referred to as one of the following:
- Two-Factor Authentication
- Two-Step Authentication
- Two-Step Verification
- 2FA
When setting up MFA, you’ll need to provide the authentication methods you’d like to use. You are usually allowed to setup more than one authentication method if your primary method of authentication is unavailable.
Authentication applications are recommended over other methods for receiving MFA codes because they can be installed on another mobile device if you upgrade your device whereas a change in phone number or e-mail address requires you to update your MFA settings. Authentication applications can also require biometric confirmation such as facial recognition before allowing you to retrieve your MFA code as an added level of security.
If you’d like to discuss how to utilize MFA in your workplace, then contact The SMB CIO today.
