Most of us use password-based authentication every day. It is a form of Single-Factor Authentication: the process of using personal credentials to securely access a system. Did you know that 54% of consumers use 5 or fewer passwords across all of their accounts? This means that if a hacker were to crack one of those passwords, chances are they have also gained access to multiple accounts. So, what can we do to protect ourselves? Using Multi-Factor Authentication (MFA) is essential for safeguarding our information and data on the web.
So, what is Multi-factor Authentication?
Multi-Factor Authentication (MFA), sometimes referred to as Two-Factor Authentication (2FA), is a second layer of security added on top of Single-Factor Authentication. This increases security, which will significantly reduce our chances of experiencing a data breach. Let's delve into the details. MFA can be broken down into 3 categories:
- What you know - Personal Identification Number (PIN) or a user-generated password
- What you have - your mobile phone, credit card or a special passkey which contains a radio frequency identifier (RFID) chip inside
- What you are - fingerprint, signature, retinal scan or other forms of biometrics
Sounds like a lot, doesn't it? But it isn't! For example, say you want to log into your online banking account. First, you enter your username and password; then, as a second factor of security, the bank sends a one-time numerical code to your mobile phone. Upon entering this number, you'll gain access to your account! The process is easy and user-friendly while still keeping our information safe, and that's exactly why companies are using MFA and encouraging their clients to do the same.
Introducing this second factor into your account authentication process is becoming more important with each passing day and will safeguard your data in the event of being targeted by hackers. Earlier we mentioned a one-time numerical code being sent to the user. This is known as a One-Time Passcode, or OTP. When users set up their account, they choose which type of OTP method they would like to use. For example, if they choose an OTP by phone or email, then when the OTP is generated they will receive an alert by phone or email in order to gain access to their account.
There is also the option of using mobile authentication. The result is the same, but the process is a little different. Mobile authenticators allow you to securely verify your identity through your mobile phone. Users register their mobile authenticator by scanning a barcode to "link" the authenticator. That barcode will be used to generate future OTPs for the user to authenticate with whenever they need to. To gain access to your account with this method, you have to know your password and also have access to something else in order to verify your identity. Hackers will not be able to easily gain access to both things, and thus your data stays secure.
Remember how in some movies characters would have to scan their eyes, face or hands in order to get past additional security measures? This is the idea behind the "What you are" factor of multi-factor authentication. We're clearly not quite at the futuristic level of these movies, but biometrics are becoming more accessible and incredible by the day. Perhaps one of the most accessible options is voice biometrics. PortalGuard works with a provider called VoiceIt, which allows users to use their voice as an MFA option. Sounds too good to be true? Think again. Simply state your name or a phrase into a microphone to "register" the multi-factor authentication option; then, when trying to authenticate, you will be prompted to speak into the microphone. VoiceIt will determine whether or not it is your voice reciting the phrase by evaluating certain IPA phonetics/sounds, and if it recognizes the voice as yours, you will pass the multi-factor authentication requirement.
When to use MFA?
Multi-factor authentication is recommended for use whenever and wherever possible, but there are a few instances where it is particularly important. In cases where you have access to protected or sensitive information, such as health data (HIPAA) or PCI information, it is vital to keep that data out of the hands of anyone who isn't supposed to be seeing it.
“But I already have a very strong password so what is the point of using MFA?”
As technology gets more and more powerful, so do hackers. They are able to attempt more passwords per second the stronger their computer is, so essentially, the strength of your password is dropping by the millisecond. There is only one way to strengthen your security and that is adding a second factor. 80% of all data breaches could be avoided by the use of MFA, meaning that even if a hacker gets your password, chances are they still won't be able to get into your account if you are using MFA. We all worry about our personal data being breached and there are thousands of instances with others who have stopped attacks by having MFA in place, including myself! One of my sensitive account's passwords was breached, but the hacker was not able to get into my account due to a mobile authenticator being in place. When I was notified that someone was trying to get into my account, I was relieved to know their attack was stopped with the multi-factor authentication I had in place. I was quickly able to update my password and continue with my day.
With how accessible these multi-factor authentication options are, there really isn't any reason you shouldn't want to add further security to your accounts. A few seconds of additional typing is well worth it to prevent the hours of work and additional stress caused when an account is breached. Passwords aren't always enough, and MFA is the future of password security, so do yourself a favor and update those accounts!