Data Net Blog

Data Net Blog

Data Net has been serving the California area since 1983, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Multi-Factor Authentication 101

thumb-4_blogs_03

You have probably already come across the term multi-factor authentication (MFA, sometimes 2FA). The concept is not new, but more vendors are suggesting and even requiring it to secure accounts on their systems. We will discuss what multi-factor authentication is and why you should be adopting it.

What is multi-factor authentication?
Multi-factor authentication is basically the use of more than one credential to gain access to data. It is a combination of multiple access credential types. For example, instead of gaining access to an account by just typing your username and password, you will be asked to further verify your identity by entering some other information, such as a PIN, a one-time password (OTP) sent to the phone number linked to the account. Mobile apps and fobs that generate new codes constantly are also being more widely used.

Why do you need multi-factor authentication?
Multi-factor authentication offers an additional layer of security. Simple access control measures such as logging in with user ID and password are increasingly being breached by cybercriminals because no matter how much we condition ourselves to follow good password hygiene, sometimes, we slip up. Have you ever been guilty of any of the following?

  • Writing down your password so you don’t forget it
  • Sharing your password with someone just to get the work done faster
  • Used the same password for multiple accounts just because it is easier to remember
  • Creating a password that is obvious or easy to figure out, such as your date of birth, numbers or letters in sequence, your name, etc.

Multi-factor authentication can help prevent cybercrimes that happen due to leaked or hacked passwords.

How does multi-factor authentication work?
Multi-factor authentication depends on a combination of the following three elements:

  • What you know
  • What you have
  • Who you are

The user has to prove their identity by answering the questions related to each of these three elements. User IDs, passwords, secret questions*, date of birth, etc., fall into the first category (What you know), while OTPs sent to your smartphone, a physical token or an access card belong to the second category (What you have) and the third category (Who you are) includes biometric authentication such as retina scan, fingerprint or voice recognition.

Multi-factor authentication is no guarantee of data safety, but it certainly reinforces your data security. While there are tools available in the market that you can purchase and deploy, you could also connect with an MSP to help you implement multi-factor authentication across your network smoothly.

*A note on secret questions: Some vendors still use secret questions, but they can be as problematic as passwords. Any publicly available information should not be used as answers to secret questions. This includes information from your own or other’s social media posts as well as public records. Make up fake, even nonsensical questions and answers to your accounts, and just like passwords, vary them from account to account.

You’d Be Surprised What Can Be an Unsafe Google Se...
Don’t Let Fake Browser Updates Fool You
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Friday, 22 November 2024

Captcha Image

Network Audit

Our network audit will reveal hidden problems, security vulnerabilities, and other issues lurking on your network.

Sign Up Today!

News & Updates

There has been a good deal of controversy about how personal data has been collected, sold, and used over the past few years. Companies of all types package and sell data to create a valuable extra revenue stream for their business, and while this sh...

Contact Us

Learn more about what Data Net can do for your business.

Data Net
2445 5th Avenue Suite 200
San Diego, California 92101