Multi-factor Authentication and Why You Need It

Biometrics such as the retinal scan is one of the ulti-factor authentication methods
Share the knowledge

As the threat of cyberattacks keeps on increasing, individuals and organizations need to take the necessary steps to protect their data. One of the tried and tested ways of deterring data breaches is using multi-factor authentication, commonly known as MFA. The primary reason MFA is hailed as an effective method of deterring cyberattacks is its ability to use several layers of security to protect data.

Multi-factor authentication uses two or more methods to identify the user signing into a service or app. These are:

Something you know
Security question
Password
Personal identification number (PIN)

Something you have
One-time password (OTP)
Smart card or ID
Smartphone

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 

Something you are (biometrics).
Voice pattern
Fingerprint
Retinal scan

The most popular form of MFA is two-factor authentication or 2FA. This method utilizes the first authentication factor (something you know such as your password) with a second factor (something you have or something you are).

In spite of its ability to protect data, there are many organizations and individuals that do not use MFA. And in some instances, those who use it resort to standard approaches that expose their soft underbellies. Why? Because a majority of people consider MFA a frustrating process and a nuisance.

Traditional MFA techniques usually require that a user goes through every step of authentication whenever they sign in, which is quite a frustrating process. Others require users to create a one-time-password, normally known as OTP, every time they sign in. This is not only annoying, but it is also time-intensive. Now you can understand why MFA looks like jumping through various hurdles.

One of the easiest methods of implementing MFA without making users pull out their hair is utilizing biometrics. Unlike passwords that are easy to steal or guess, biometrics are hard to steal and compromise. In addition, no one can claim to have lost their biometrics or forgotten them.

When information is protected using MFA if one of the factors is compromised you – and anyone else – will not be able to access the app, service, or account. As a result, in the event that someone steals your phone or computer and manages to guess your password, the chance of them going through the various authentication steps successfully is highly unlikely.

Though MFA is considered one of the best methods of securing services and apps, it is far from a perfect solution as it can get compromised via social engineering. This refers to a cybercriminal manipulating a person to give confidential information unknowingly. Social engineering makes it easy for a cybercriminal to get through the various gatekeepers without cracking the MFA security codes. Once they convince you to give up the necessary data, they just call a support desk, pose as the user of that service, and request a password reset. There are also certain types of malware that can be sent to a user’s device via links to intercept texts containing OPT codes which are then directed to hackers.

Still, MFA greatly reduces the odds of an account getting hacked absent the (albeit unknowing) complicity of the account owner. So, although MFA has its flaws, it’s a great and effective method of securing data.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.