Why Use Multi-Factor Authentication?
Anthony Roberts, Senior Infrastructure Engineer, Fabric
Multi-Factor Authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
Why use Multi-Factor Authentication
Passwords are credentials that can be hacked, phished or even read from a sticky note on someone’s desk. Multi-factor authentication increases the level of security on a network because it doesn’t rely on a username and password combination alone.
For a hacker to be able to authenticate as another user on the network, they would need to have both the username and password combination as well as the second authenticator. This way, you aren’t relying on a password-only solution.
With more organisations seeking GDPR, PCI, and Cyber Essentials accreditation, having MFA set up on things like a VPN connection is essential to obtaining compliance.
What options are there for the second level of credentials?
To set up multi-factor authentication, you would typically begin with a username and password for the first layer of security, then one of the following challenges:
When the user submits their password, an email containing a code or a link is sent to a registered address. Once the user enters the code or clicks the link, the application authenticates them and logs them in.
If a phone number has been set up, an SMS message containing a unique code can be sent to the user. The user then enters this code into the application to log in.
A Key fob
You can purchase a key fob that generates random code combinations. After entering your initial password, you press a button on the key fob (or enter a secure preset code) to generate the final access code, which you then input to log in.
A Mobile Application with a Push Notification
Here, a push request is generated through an application on the user’s mobile phone. When the user accepts the push request, the account is logged in.
We recommend the application Microsoft Authenticator.
I’d strongly suggest setting up multi-factor authentication for your organisation. Passwords aren’t as secure as they once were and with social media on the rise, it’s easier than ever to guess the combination. Even if your password is very secure, you still run the risk of being hacked. Adding an extra step to prove you’re the account holder is well worth the time it takes to set it up. With speedy solutions like Microsoft Authenticator and push notifications, it’s easier than ever to improve your business security.