December: Multi-factor Authentication (MFA)
MFA - easy as 1, 2, 3.
What do you know? What do you have? What are you?
What is authentication?
Authentication is a process to access your account, your device, or a service.
This means gaining access to a personal phone or computer, online banking, a social media app, a dating app, or gaming app.
It can also be when you enter your work username and password to access your work computer, or applications or services like Microsoft Teams or Virtual Private Network (VPN).
What is multi-factor authentication?
Multi-factor authentication (MFA) is the process of using two or more types of evidence to verify your identity before accessing an account or service.
Three common factors used to authenticate are:
- Type 1: Something you know (like a password or PIN).
- Type 2: Something you have (a security application uploaded to your mobile device, a phone number, a physical object, like a security token, key card, key or bank card).
- Type 3: Something you are (like a fingerprint or facial recognition).
- Provides additional layers of security, beyond username and password.
- Increases security of personal and professional devices, accounts and services by decreasing the risk of malicious activity, hackers gaining access to your account, and breaches.
- Increases cybersecurity.
- Helps businesses meet strict industry regulatory compliances.
- Its another step to authenticating.
- Devices are not always available.
- Having only one registered method can cause you problems if your one method isn’t available.
- MFA fatigue.
MFA Best Practices and Hygiene:
- Educate users on the benefits of registering multiple methods of authentication
- Register multiple methods of authentication (eg. MS Authenticator app and a phone call back number)
- Combine MFA with single sign-on.
Take the MFA Quiz to test your knowledge!