According to Microsoft, Multi-factor Authentication (MFA) can block over 99.9% of cyber attacks that aim to compromise your account password security. These accounts include email, banking, shopping, and others. Hacks can be devastating – fraudulent emails sent out, credit card and bank accounts compromised, identity theft, reputation damage, and more.
What is Authentication?
Authentication is the process of verifying the identity of a user. Factors are the methods of authentication. Specifically, there are three primary authentication factors:
- Knowledge or something you know, most often your user name and password or a PIN
- A physical object, or something you have, such as a smartcard or a token
- A physical characteristic or something you are, can incorporate biometrics such as a fingerprint, voice pattern recognition, or a face scan
In addition, there are some other authentication factors related to locations and mobile devices. However, these are the primary authentication factors people think of and use for access to common systems like work networks and email.
What is Multi-factor Authentication (MFA)?
MFA requires a user to authenticate using two or more factors, such as a smartcard and a PIN, or a password and a token. Using a password and then a PIN is not MFA because you are using only one factor: something you know. This does not provide password security.
How does MFA work?
If you have MFA set up on an account, you typically provide your user name and password and then are prompted to provide an additional factor. Sometimes this is “remembered” for 7-14 days on the browser or the application on your phone you are using. During that period of time you can log in without the second factor from the same computer, or you can remain logged in.
When should I use MFA?
Whenever you can! MFA is one of the best ways to protect your privacy and your data, and provide password security. For this reason, it is critical for any type of electronic financial transaction.
Should I use third-party apps?
MFA is less of a hassle when you use third-party apps, such as Google Authenticator, Microsoft Authenticator or Duo. Third-party apps generate a random string of numbers, known as a token, that changes on a rotating basis (every 30 seconds or so). Note that authenticator apps can be set up on a smartphone or computer.
Links to common third-party authenticator apps:
We recommend using an authenticator app that is backed up and can transfer to new phones or computers. You can transfer LastPass Authenticator to a new phone or device. If you buy a new phone or computer, you’ll have to re-connect Google Authenticator to all of your accounts.
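To make the rotating token concrete, here is an added example (not code from this article or from any of the apps named above) of the time-based one-time password scheme defined in RFC 6238. The token looks random, but the app and the server each compute it from a shared secret and the current 30-second time window. The parameters used (HMAC-SHA1, 6 digits, 30-second step) are assumed defaults, and the secret is the RFC's published test key, so the function names and sample values are illustrative only.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30   # rotation interval (assumed default, matches "every 30 seconds or so")
DIGITS = 6          # token length (assumed default)


def totp(secret_b32, at=None):
    """Return the token an authenticator app would display at Unix time `at`."""
    key = base64.b32decode(secret_b32.upper())
    now = time.time() if at is None else at
    counter = int(now // STEP_SECONDS)            # index of the current 30-second window
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32, submitted, at=None, drift_steps=1):
    """Server-side check that tolerates small clock drift between phone and server.

    Tokens from `drift_steps` windows before and after the current one are accepted.
    Every candidate is compared in constant time, with no early exit on a match.
    """
    now = time.time() if at is None else at
    ok = False
    for step in range(-drift_steps, drift_steps + 1):
        expected = totp(secret_b32, now + step * STEP_SECONDS)
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


# Constructed sample: the RFC 6238 test key, base32-encoded the way apps store secrets.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    token = totp(SAMPLE_SECRET)
    print("current token:", token)
    print("accepted now:", verify(SAMPLE_SECRET, token))
```

Because the token depends only on the secret and the clock, anyone holding a copy of the secret can produce valid tokens, which is why moving an authenticator to a new phone means either transferring the secrets or re-enrolling each account.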
If MFA is so effective, why are people hesitant to use it?
First of all, people are often concerned that they won’t be able to access their accounts if they use MFA – that it will be too complicated. Secondly, they fear it may be burdensome, and they decide the risk is worth taking in order to authenticate with only one factor. Thirdly, they often haven’t thought through the risks involved with having someone nefariously send emails from their account or having a bank account compromised. Furthermore, most financial institutions require MFA. Even social media accounts, such as Facebook or Twitter, can have a devastating impact if compromised.