MFA is becoming more popular every day. It’s often available for accounts that hold valuable financial or personal information, such as corporate email and remote access, banking portals, and social media platforms. Let’s talk about why you should enable multi-factor authentication for all accounts that support it!
What is multi-factor authentication?
Multi-factor authentication, also known as MFA, is a security measure that requires anyone logging into an account to complete a multi-step process to prove their identity. In other words, you need more than just a username and a password. MFA makes it much harder for criminals to access your account. If multi-factor authentication is available, turn it on. It’s easy to do and will greatly reduce your risk of compromise.
How does MFA work?
By adding one more simple step when logging into an account, multi-factor authentication greatly increases the security of your account. Let’s look at how it works. Just like any other login, the first step is giving your password or passphrase. The second step is to provide an extra way of proving that you’re you, such as entering a time-based one-time password (TOTP), receiving a code via text or email, or using an authenticator app on your mobile device.
Some MFA methods are more secure than others.
You should always enable multi-factor authentication if it’s available, while keeping in mind not all MFA methods are the same! Let’s take a look at some of the most common options and what we recommend.
✅ Authenticator App (examples: Microsoft Authenticator or Duo Mobile)
⛔ Text Message
✅ Secure Hardware Token (examples: YubiKey or TrustKey)
⛔ Phone Call
✅ Biometric (examples: fingerprint or facial recognition)
You might be asking “but what’s wrong with using text or phone call for MFA?” and the answer is pretty simple. These methods are much more easily compromised. Check out this Wikipedia article on SIM swapping. If your only options are text message or phone call, it’s better than nothing, but authenticator apps and hardware tokens provide far superior security.
Why do you need to enable multi-factor authentication?
You may be forced to enable MFA if you’re subject to compliance standards such as HIPAA or PCI, and even if you’re not, your cyber insurance policy likely requires it. Enabling MFA provides an additional layer of protection in the event your password is compromised. Simply put, most passwords are notoriously easy for cybercriminals to crack, and most people reuse passwords across multiple online accounts. Passwords are often short and use common words or word combinations, such as season+year (e.g. Fall2022). Add to that the increasing number of data breaches, and it’s easy to see just how insecure a password can be. Don’t believe us? Check out Have I Been Pwned to see if one of your frequently used passwords has been leaked in a data breach.
In an upcoming article, we’re going to make a crazy suggestion: dump those insecure passwords and instead go passwordless!
Do you need help enabling MFA for your business?
Multi-factor authentication is an important layer of the security onion, and we’d love to help you improve your security posture. Schedule a free 15-minute discovery call with someone from our team. If you’re an existing client, we’d love to just say “hi” and have a virtual coffee, and if you’re not, we’d love to see if we’re a good mutual fit!
P.S. if you’re looking for a new IT service provider, check out our guide that covers how to choose your next IT service provider for some quick tips to get you started!