What is Multifactor Authentication (MFA)?

Kenneth Thomas
4 min read · Dec 23, 2020

You know the experience of having to go through the additional step of entering a PIN or OTP (One-time Password) to transfer money from your bank account.

But why is that so?

You are the rightful owner of your account, so why do you need to prove it over and over again?

The answer is that online attacks are so common nowadays that it is important NOT to have a single point of failure that may lead to disastrous consequences in case of a security breach.

As your finances and identities move to a digital world, you need more protection than just usernames and passwords for your online accounts.

You can add more protection to your accounts by requiring two or more pieces of evidence (factors) to authorize your login. This drastically reduces the chances of a successful online attack and makes your accounts more secure.

Using these extra factors to authenticate you as the rightful owner of your account is called multi-factor authentication (MFA). You can add MFA to your email accounts, websites, bank accounts, and social media profiles to protect your privacy and financial security.

We all love convenience. But you have to know that there are inherent security tradeoffs when you choose convenience over security. Your love for convenience may land you in trouble when handling sensitive information. This quote sums up the need for multi-factor authentication (MFA) when you’re dealing with highly sensitive financial and personal data: “Security is not necessarily convenient, and convenience isn’t necessarily secure.”

It may be a little painful to go through the additional steps to authenticate yourself. But the pain is worth it when you realize the huge cost associated with your account getting hacked and sensitive information going into the hands of a dangerous person.

How Multi-Factor Authentication Works

When you need more than one factor to authenticate for access to an online account, it is called multi-factor authentication.

The most common subcategory of multi-factor authentication is two-factor authentication (2FA). In two-factor authentication, a user needs two factors (pieces of evidence) to get authorized access to an online account. This is usually a password and one other piece of evidence, such as a verification code, an authenticator app, a security token, or a PIN.

Verification Codes

Verification codes are sent to your registered email address and/or phone number to authorize your access to accounts. Without the correct verification code, you will not be able to access the account, even though you have the correct username and password. The verification code provides an additional layer of security and completes the 2FA process.

Authenticator Apps

Authenticator apps are usually installed on a smartphone and generate a 6–8-digit passcode every 30 seconds. The passcodes are generated from a secret code that is shared between the service you are using and your device. The passcode is requested shortly after successfully logging in with a username and password. Without the authentication passcode, you will not be able to access the account, even though you have the correct username and password. Some commonly used third-party authenticator apps include Google Authenticator, Microsoft Authenticator, Authy, and LastPass Authenticator.

Security Tokens

Security tokens add a possession factor to the layer of security for your online accounts. These can be physical USB keys that have to be connected to the computer to authorize your login. Since a physical theft has to occur for someone to get hold of your USB key, you can be assured that two-factor authentication with USB keys is reliable and safe from online attacks.

PINs

When you attempt to make a withdrawal from the ATM using your debit card, you’ll be required to enter a PIN. Without the correct PIN, you will not be able to make a withdrawal even though you have the debit card in your possession. This is also applicable for some online services where you can set a PIN that has to be entered after entering the password to grant access to the account. The PIN provides an additional layer of security in your 2FA setup.

Why Enabling Multi-Factor Authentication on All Your Accounts Is Crucial

Let’s say that you don’t have multi-factor authentication (MFA) set up on your email account, and your password gets compromised. Without the added layer(s) of security, anyone with the password to your email account can gain access and possibly obtain sensitive personal information. Just think of how horrible it would be if someone was able to gain access to your online banking account details or social media credentials. Enabling multi-factor authentication on all your accounts can protect you from getting hacked.

How to Enable Multi-Factor Authentication on Your Accounts

I have provided some links to assist you in setting up multi-factor authentication (MFA) on a few popular services.

If you don’t have MFA enabled on these services, I highly recommend you do it.

How to enable multi-factor authentication on Gmail
How to enable multi-factor authentication on Facebook
How to enable multi-factor authentication on Instagram
How to enable multi-factor authentication on Twitter

Conclusion

Multi-factor authentication is a bit of an extra hassle and can even be frustrating at times. But that doesn’t take away the fact that it is one of the best ways to keep your private information secure and safe from the prying eyes of hackers and cybercriminals.

Follow good cybersecurity practices for your online accounts by implementing multi-factor authentication.

Leave a comment below on your thoughts and feelings about multi-factor authentication.

Originally published at https://www.kenneththomas.com on December 23, 2020.

Kenneth Thomas

Information Technology (IT) Businessman and Influencer using experience to educate others on the importance of IT, leadership, and professional development.