What is MFA?
Most of time, when you log into a website, like your bank account, email, or online shopping, you enter your username and password (credentials) and you’re in. Multi-Factor Authentication (MFA), also called Two-Factor Authentication (2FA), is an extra step after entering credentials that verifies you before allowing access to your account. For example, you put in your credentials, hit login, then get a prompt to enter your verification code. This code is typically generated by an app on your phone or is sent to you via SMS.
Credentials are split into categories:
Things You Know: Password, PIN, Passphrase
Things You Have: Mobile Device, Smart Card, SMS Code, Token
Things You Are: Fingerprint, Other Biometrics
MFA will require you to enter two different credentials to access your account and they will be from different categories.
Do I need MFA?
The short answer is, “YES!”
About half of all PC users are using five passwords or less for all their accounts. As a result, hackers only need to crack one password to gain access to multiple accounts. They aren’t just cracking passwords. Hackers are targeting large sources of user data and stealing millions of credentials at a time.
What this means is while you may not feel like a target of hacking, it’s likely you’re doing business with companies who are.
Last year Microsoft announced that 1.2 million Microsoft 365 accounts get compromised each month. 99.9% of those accounts didn’t have MFA enabled.
How do I enable MFA?
Many websites will ask you to set up MFA at each log on. If you’ve been clicking the Skip button, it’s time to stop. Just follow the brief steps outlined by each site and you’re all set. Most of them will provide step-by-step instructions along with options for which authentication method you want to use.
If you’re interested in enabling or enforcing MFA for your business, we’d love to help you with that. Contact us to find out more about MFA.
Published on November 24, 2021