Multi-Factor Authentication: Why It's Important & How to Set It Up
You have passwords for every online store, financial institution and social media website, yet you were still hacked. How is that even possible? Sadly, this is becoming more and more common, which is why multi-factor authentication (MFA) has become more widespread.
What is Multi-Factor Authentication?
Multi-factor authentication is a way to verify that someone is who they say they are because two or more means of identification are presented. Usually, there are three methods: something you know (such as your password), something you have (like a mobile phone) and something you are (a fingerprint or some other biometric verification). If only two factors are present, it’s called two-factor authentication (2FA).
The goal is to make it much more difficult for hackers and scammers to gain access to your accounts. You’ve probably received spam emails that require you to click on a link. The way those people get your information is through things like password cracking software and rainbow tables, which is a list of all possible permutations for an encrypted password.
What Are the Benefits of Multi-Factor Authentication?
Multi-factor authentication used to be two-factor authentication, but adding the extra factor adds another layer of security. If just one of these factors has been compromised by a hacker, then you won’t gain access to your account and neither will they. Then you can simply change your password and start over.
If you’re like many people, you use the same password everywhere you go on the internet. That means if hackers get access to one account, they can access all of them. Multi-factor authentication is considered by IT professionals to be one the most effective ways to protect both cloud-based data and online information.
How Does Multi-Factor Authentication Work?
Multi-factor authentication requires additional factors to prove identity. Examples include:
- Security questions
- One-time password or a code
- Codes sent to you via text
- Calls to your mobile device
- Software certificates
- Facial recognition
- Voice recognition
- Iris scanning
MFA can also involve location scanning. If you are in Colorado and there’s a log-in attempt from South Korea, you could be on vacation or you could be the victim of a hacking attempt.
For example, you enter your debit card at an ATM. You need to enter something you have (the debit card) and something you know (your PIN). If your ATM also has a fingerprint scan, that would be multifactor authentication.
Another common example is you’ll enter your username and password for an online account, such as your financial institution. The financial institution will then send a code to your phone, which you need to enter in order to gain access. If they send the code via text, this is known as a text token.
Have you ever been asked to enter your zip code when you buy gas? That would be an example of older MFA technology, but it is MFA nonetheless.
With so many people working from home because of the pandemic, security has taken on new importance. A data breach on your account could expose your entire corporation to a cyberattack. Multi-factor authentication helps protect both you and your workplace from hackers, scammers and phishing attempts.
What is an Authenticator App?
Because there is an app for everything, there is one for multi-factor authentication as well. An authenticator app can be downloaded from either the App Store (Apple) or Google Play (Android) and generates a six to eight-digit passcode every few seconds. When you want to log in to an online account, you’ll enter both your password and the verification code the app gives you. This way, there’s another layer of security between you and cybercriminals, and it makes it that much more difficult for them.
Why Can’t I Just Enter My Password?
Ideally, your password should protect your accounts. But computers are getting extremely good at cracking passwords. If your password is weak, they can crack your password in less than 30 seconds. In addition to MFA, make sure to change your passwords every few months or so. Yes, it is a hassle, but getting hacked can result in a lot more frustration.
It’s not possible to prevent all cybercrime, but you can make it much more difficult for criminals to hack into your account by using multi-factor authentication. You can also use strong passwords and change them every three months.