What is Two-factor / Multi-factor Authentication?
Put simply, two-factor authentication (2FA) or multi-factor authentication (MFA) is an additional layer of security that aims to address the vulnerabilities that a standard single password system can have.
With a standard username and password only system, it’s relatively easy to fall prey to cyber criminals and other nefarious parties. Think of the rudimentary username and password combination as having only a single line of defense.
Two-factor Authentication or Multi-factor Authentication adds a second line of defence by introducing an additional step to verify who you are. Instead of immediately gaining access to an account or information after entering a username and password, an MFA requires an additional piece of information.
This second layer of protection comes from one of the following categories:
- Something you have: Most commonly a user would have something in their possession which can be used to verify their authenticity. This can come in the form of a smartphone, text message or a hardware token.
- Something you know: This could be an answer to a secret question, a personal identification number (PIN) or even a specific keystroke pattern.
- Something you are: This is the most advanced form of 2FA and can include voice prints, iris scans and most commonly a fingerprint.
This second layer makes gaining access to accounts and information incredibly difficult as a compromise of one of the factors won’t be enough to unlock an account.
Why use Two-factor Authentication / Multi-factor Authentication?
With more of our business happening online, through mobile devices and computers, it’s easy to see why our digital accounts and information have become a target for criminals and other parties.
Malicious attacks, data breaches, hacks and other cybercrimes are becoming more common with massive increases in the number of sites and organisations losing the personal data of their users.
As cybercriminals develop more sophisticated and advanced ways for gaining access to information and data, it’s clear to see that old security systems are simply no match.
These issues aren’t reserved for the Facebooks and Googles of the business landscape, but for global companies, start-ups, small businesses, nonprofits and organisations of all sizes. Data breaches, often times even caused by simple human error, result in severe reputational and financial losses.
A recent study revealed that in 2016 over $16 billion was taken from 15.4 million U.S. consumers as a result of data breaches and an additional $107 billion from identity theft.
Who uses Two-factor Authentication / Multi-factor Authentication?
One of the most common users of two-factor authentication are businesses of all sizes. Organisations are able to significantly reduce the likelihood of phishing scams, as criminals are unable to gain access to login information and other secure data with usernames and passwords alone.
Likewise, we see organisations who aim to keep their own data and information confidential and secure, as well as that of their customers and clients, use MFA to reduce their risk of data breaches and as a form of value add for their clients.
Why Multi-factor Authentication is important for your business
Attempts to steal legitimate user or administrative credentials happens frequently when a party is able to compromise a network. These credentials allow them to easily propagate on a network and conduct malicious activities without the need for additional exploits, which significantly reduces the likelihood of them being detected.
When two-factor or multi-factor authentication is properly implemented throughout an organisation, the ability to steal a complete set of credentials becomes much more difficult. The user has to prove they are allowed access using something they have (physical token), something they know (PIN) or something they are (fingerprint scan).
It is vitally important that multi-factor authentication be implemented correctly in order to actually reduce security vulnerabilities and not simply create a false sense of network security.
An example of this would be when MFA is used for remote access solutions within an organisation, but not for corporate workstations. An unknown party could compromise the username and password from a device used for remote access and then use it to authenticate locally to a workstation or to propagate within a network after compromising the initial workstation on the network. In this case, multi-factor authentication for remote access is better than just a username and password, but doesn’t negate the requirement for properly defended devices to be used as part of a comprehensive remote access solution.
If you’d like to learn more about how we can help you with two-factor authentication / multi-factor authentication, please call us at any time on 07 3120 0640 or email us at [email protected].