tl;dr version: Enable multi-factor authentication to keep your accounts safe and protected.
Your passwords aren’t secure.
No, really. Your passwords are not secure.
Hackers are having a field day with COVID-19. Phishing scams designed to distribute malware and/or nab people’s personal information are on the rise. And you might think you know better than to open that one fishy email or click that one suspicious link. But when you’re doing everything from home (as so many of us are now), it’s easy to let your guard down. And to top it all off, using similar passwords across all your accounts (which you probably do) means that if one password gets stolen, you’re probably gonna run into issues with the others too.
So if all you use to protect your (and your employees’) accounts is a password, you’re going to get owned.
So what can you do?
You can enable multi-factor authentication.
More authentication, fewer problems
Multi-factor authentication (a.k.a. MFA) is a way of adding more authentication factors to networks and applications in order to make logging in more secure.
What is an authentication factor? Well, it sounds complicated, but it’s not.
An authentication factor is just something you need to log in to an account.
It doesn’t matter what the account is. It could be social media, online banking or tax sites, a VPN — anything really.
So for example, a password that you use to log in to Facebook is an authentication factor.
But when you log in to an account — any account — using a password, you’re only using one authentication factor to get access to the account: the password.
And that’s a massive problem.
All you need to get access to the account is the password. So all anyone else needs to get access to the account is… you guessed it, the password.
And passwords are ridiculously easy to crack or even guess these days.
(And let’s face it, you’re probably using something like “HeresMyPa55word!” on all your accounts anyway.)
And that’s why multi-factor authentication matters.
Multi-factor authentication adds authentication factors that make it harder for anyone but you to access your account.
What you know, what you have, what you are
When you log in to an account that’s protected by just a password, you’re authenticating who you are based on what you know.
Makes sense, right?
Your password is something that only you know. So when you input that password, you’re telling the app or tool or device you’re trying to use, “Yes, it’s me because I’m the only one who knows this super-secret word, so let me in.”
But passwords just don’t cut it anymore. They’re just too easy to crack or phish to be effective on their own.
So what do you do?
Add security questions?
Sure. Security questions will definitely make your accounts safer.
But security questions are like passwords: they’re just things you know. So if someone knows the answers to your security questions, then they can get in. And those answers aren’t difficult to find out. You’ve probably shared your answers on social media without even knowing it.
But here’s the thing: there are different ways to authenticate beyond just providing what you know.
MFA adds authentication factors that ask you to authenticate with what you have and what you are.
For example, you might need to input both a password and a unique login code sent to your smartphone via text message.
This way, getting access requires both something you know (your password) and something you have (your phone).
If someone out there is trying to get into your account, they might know your password.
But they probably don’t also have your phone.
And without that phone, they’re not getting in.
Or even better: you may need a time-based one-time password — TOTP for short — generated by a dedicated authenticator app on your phone. TOTP is even safer than text message codes because it relies on a specific app rather than your phone number. (After all, phone numbers can be stolen.) It’s also available at no extra licensing cost, and it integrates with most login environments.
Or even better than that: you may need to provide a unique fingerprint or voice data to access your phone in the first place.
That’s how MFA makes the login process more secure.
MFA diversifies authentication factors across three areas.
- What you know — things like passwords or security questions
- What you have — things like phones or USB devices (also known as tokens)
- What you are — things like fingerprints or your voice (also known as biometric data)
Mix and match these authentication factors, and suddenly the chances of anyone but you getting access to your accounts diminish… by a lot.
If someone’s trying to access your account — whatever that account may be — and they need (1) a password that you know, (2) a phone that you have, and (3) your fingerprint… then they’re probably not getting in.
That’s why MFA can help protect you and your business’s network and apps and give you a huge boost in security.
And right now, that’s more important than ever.
Affant is a managed IT service provider. Located in Orange County, California, we’ve offered our clients best-in-class IT services for over 20 years.