You have probably heard about multifactor authentication, or MFA, and you were probably told that it’s important and that you should use it. But do you know what it is, and do you really need it? There has been a big shift to include MFA in many apps and websites recently and it’s not just to make it harder for you to log in. So, let’s get started.
What is multifactor authentication?
Multifactor authentication, or MFA, is a security feature that adds a second layer of protection on top of your password. In other words, instead of logging into your account with only your password, you also need to confirm that you are the person who entered the password.
MFA uses three primary factors:
- Something you know: This would be a password, PIN, or a security question.
- Something you have: An authenticator app, smartphone, security token, or email confirmation.
- Something you are: This covers biometrics such as your fingerprint, voice recognition, or facial ID.
You have MFA when you combine two or more of these factors. For example, if you are using a password, then you can use your fingerprint as the second factor to create MFA. However, if you are using a password and a security question, then you are still using a single factor because they both fall into the same group.
Another example is when you use a PIN as the first method of logging into your account, and then you verify your login using an authenticator app on your smartphone for your second authentication.
You may hear people talking about two-factor authentication, or 2FA. 2FA is when only two factors are used for authentication, whereas MFA is two or more factors.
Is MFA still important?
Cyberattacks are on the rise, which means that having a password alone is not enough. No matter how strong your password is, it can still be cracked by a hacker given enough time and determination.
MFA reduces the risk of your account being compromised. Even if a hacker has your password, they will still need to perform the verification step after logon. This one additional step makes it a lot harder for someone to access your account.
MFA has become a necessity because of how easy it can be to obtain someone’s password. Many companies and services are including MFA as part of their standard authentication process, thereby reducing the likelihood of your account being hacked.
Do you really need MFA?
The short answer is YES! While it may not offer full protection, MFA will drastically reduce the risk of your account being hacked. Remember that security works best in layers: the more measures you implement, the more you reduce the risk of someone accessing your personal information.
Types of multifactor authentication
Now we know that using MFA is important to help keep our accounts safe. Let’s look at the different types of MFA available for you to use:
- SMS-based MFA: The app or service will send an SMS or text message to your phone. The SMS will contain an OTP, or one-time PIN, to use for verification. While this is effective, it is relatively easy for hackers to obtain your OTP if they gain access to your phone number through SIM swapping.
- Authenticator apps: Apps like Google Authenticator or Microsoft Authenticator will generate a code that changes every few seconds. This is better than using the SMS method as it is more secure and limits the time available to use the code.
- Biometrics: This includes your fingerprints, face ID and voice recognition, and is extremely powerful. For example, your fingerprint is unique, so essentially only you would have the “code” to log in to your account. Biometrics is usually enforced when high security is required.
- Hardware security tokens: These are physical devices that will generate a unique code to perform the verification step. The security token is often used by companies where high security is required.
The combination that is often used is a password for the initial login and an authenticator app for the verification. However, you need to choose the combination that works best for you. Many people are including biometrics in their security, most commonly using their fingerprints for the verification.
How to enable MFA on your accounts
- Check your accounts to see which have the option to enable MFA. Most popular platforms already support MFA. When you’re logged into your account, go to your account settings and check for the “Security” or “Privacy” options.
- Download an authenticator app and set it up. Most platforms, like Google, do not charge you to use their authenticator app.
- Add biometrics, if you are comfortable doing so. Not all devices support biometrics, but if your device does, consider using it for authentication.
- Set up your recovery options. This is a very important step to ensure that, if your device is stolen or you forget your password, you can use a recovery question or number to access your account. Just don’t provide an answer for your security question that can be easily guessed!
While MFA is not 100% safe, it does increase your security. If you use a combination of different factors, you can help to protect your account and prevent your data from being stolen. Be secure!