Multi-Factor Authentication (MFA)

Multi-factor authentication - What is it?

Multi-Factor Authentication commonly referred to as MFA, sounds complicated, but almost every adult performs MFA at least once a day. You swipe your card at your ATM and then enter your pin; You performed Multi-Factor Authentication. 2FA is also another terminology used for this type of authentication. Two-factor authentication is used in which two forms of credentials are required to gain access. According to experts, using MFA is one of the top three things to do to protect yourself online. 

Since a pretty high percentage of people tend to use only a few of the same passwords, it would be really easy for criminals to access many of your accounts by knowing just one of your passwords, or all of your accounts if you always reuse the same password! Adding MFA factors can help protect your privacy.

When a program or device applies MFA (multi-factor authentication) it will require the user to enter a piece of information only the user would know, insert or provide a possession that only the user should have access to, and a physical or personally specific measurement or action. MFA can also be known as two-factor authentication (2FA), since it requires at least two levels.

The best combination for security is something you know and something you have.

Your password is something you know. Be sure you are using a secure password!

Your phone, email, or a security token device is something you have. If someone can access your email or phone, or just look over your shoulder, they can still access your account. A security token device, like a Yubikey, provides superior multi-factor authentication protection!

Two factor authentication offers overall, better security. Security is based on the reasoning that an unauthorized user will not be able to supply the information needed to access the data. Usually, if misused repeatedly, the data is blocked. These factors may include a secret token, a bank card, or a key, to use a few examples. The second factor would be a password or a pin.

Knowledge Factors (also knows as Security Questions) are when a user has to provide knowledge to verify. Examples of knowledge factors would be secret questions, which are set up initially by the user. Poor standards of knowledge factors would be asking where you were born, or where do you live. In either case, these are questions that could be answered by people who know you or familiar with where you were born or know where you live. Unfortunately, in today's world, this information is easily accessible just by knowing your first and last name. Security Questions are not very secure anymore because your personal data is known to attackers because they've stolen it from so many online services that have been hacked before.

Dual verification is only as functional as the type of information we use. Using birthdates, your last name or the year you were born are excellent examples of information that can readily be determined by a hacker.

Yes, remembering ids, passwords, and pins can be overwhelming. However, stolen bank information, credit card information, your credit reports is cash waiting to be taken from you.

Implementing a good secure password and a device like a Yubikey are the best ways to protect yourself online.