The importance of protecting your digital presence from being compromised is higher than it has ever been. Just entering your login credentials on your favorite website is not enough anymore as one wrong click or reused password could have your credentials sniped by an intruder.

Multi-factor authentication, also known as MFA or 2FA, is a method of verifying access to an account by requiring additional credentials beyond a traditional username and password. By enabling and enforcing MFA, you are adding an extra level of security for your logins that is quickly becoming a necessity.

MFA confirms a user's identity by utilizing a combination of at least two different factors:

  1. Something they know: Generally something that they have the knowledge of in their mind, but not necessarily in a physical capacity, such as a password or a PIN.
  2. Something they have: A physical item in their possession that can be used to verify themselves, such as a smartphone or a USB token.
  3. Something they are: A biometric trait of the user than cannot be replicated, such as fingerprints, retina scanning, or voice recognition.

With MFA, a potential compromise of only one of these factors won’t unlock the account. So, even if your password is stolen or your phone is lost, the chances of an intruder gaining access to your information or account is much less likely.

What are the different types of MFA?

  • Hardware Tokens. Hardware tokens, also known as security tokens, are hardware devices that grant the holder access beyond a traditional login. Hardware tokens typically create authentication codes every 30-60 seconds for login. However, since they are typically small devices, they can be easily lost or misplaced and are not entirely safe from being hacked.
    • An example would be a key fob or a smart card to provide access.
  • Text Message (SMS). Text-based MFA interacts directly with a user's phone. After receiving a username and password, the site sends the user a unique one-time pass code (OTP) via text message for access. SMS MFA could possibly be the most commonly used method but is also considered to be the least secure way to authenticate users.
  • Software Tokens. One alternative to SMS MFA is by using a software-generated, one-time pass code or “soft-token”. Users must download and install an Authenticator app via smartphone or desktop. Since the code is generated and displayed on the device in the user’s possession, soft-tokens remove the chance of hacker interception.
    • Google and Microsoft use Authenticator Apps within the Apple Store and Google Play Store to verify logins for their programs such as Microsoft Office 365 and Google’s G Suite. Other programs such as LastPass Password Manager also utilize their own Authenticator programs.
  • Push Notification MFA. Websites and apps can now send the user a push notification for authentication device, which the owner simply views the details and can easily approve or deny access in one touch. With a direct, secure connection, push MFA eliminates the opportunity for unauthorized access. However, text-based FMA may be preferred in areas where internet connections are unreliable.

Relying on passwords alone can be quite dangerous, especially if your logins are not complex, are used on multiple sites, or are left out in the open for intruders to steal. Multi-Factor Authentication is a powerful way of protecting your logins and if the option is available, we recommend making it a requirement for your logins across your organization.

The technicians of neoRhino IT Solutions have the skills, the mentality, and the availability you need to help your business succeed. We can assist you in deploying a Multi-Factor Authentication plan for the account logins across your workstations. Give us a call at (281) 779-4850 for a FREE Assessment and we can manage your technology so you can manage your business.