Cyber 101 – Multi-Factor Authentication

With a new cyberattack reported every day, everyone is asking one question: how can I make sure I’m not next? Cyber 101 is a series of blogs focusing on the ultimate basics of cybersecurity. By utilizing these simple remediations, your networks and accounts will be on their way to defending against cyber actors.

Authentication Factors

Cybersecurity utilizes three different types of authentication, focused on something that you know, something that you have, or something that you are. The most common example of something known is a password or passphrase. This type of authentication is based on a unique value that should only be known to your user. An example of something that you have can be a physical token or an app on your smartphone. Physical authentication is based on your user maintaining control of a physical object, eliminating the possibility that a known value can be guessed. The last authentication type, and least frequently used, is something you are, such as a fingerprint or ever-emerging face recognition technology. Biometric authentication is based on a unique feature of your user that is part of their physical makeup, and therefore cannot be recreated.


Why Use Multi-Factor?

The use of multi-factor authentication has become more common and widespread in recent years. Its use is growing because it is relatively easy to implement and doubles the degree of difficulty of a non-legitimate login. In addition, by requiring two or more authentication factors, you eliminate the ability for a bad actor to compromise an account with only one piece of information, such as a guessed or stolen password. A further benefit of multi-factor authentication is the possibility of setting shorter lifespans for authentication requests. For example, by adding a generated code from a token, administrators can set time limits on the usage of each authentication response, reducing the likelihood that a stolen response will be valid. Requiring a password to be changed every fifteen minutes is not a feasible request, but partnering a known password with a one-time code increases system security.
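The time-limited one-time code described above, sketched with TOTP (RFC 6238), one common algorithm behind token apps; the post itself does not name an algorithm. This is an added example, not code from the original post, and the `Account` class, the 30-second lifespan and the sample password, salt and secret are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds a code stays valid: the administrator-chosen lifespan
DIGITS = 6

def totp(secret: bytes, at: int, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 code for Unix time `at` (HMAC-SHA1 over the time-step counter)."""
    digest = hmac.new(secret, struct.pack(">Q", at // step), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                                  # dynamic truncation
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    """Hypothetical server-side record: something you know + something you have."""
    def __init__(self, password: str, token_secret: bytes, salt: bytes):
        self.salt = salt
        self.pw_hash = hash_password(password, salt)
        self.token_secret = token_secret
        self.last_step = -1          # newest time step already used (replay guard)

    def login(self, password: str, code: str, now: int, drift: int = 1) -> bool:
        pw_ok = hmac.compare_digest(hash_password(password, self.salt), self.pw_hash)
        current = now // STEP
        matched = None
        # Accept the current step plus `drift` steps either side for clock skew.
        for step in range(current - drift, current + drift + 1):
            fresh = step > self.last_step
            if fresh and hmac.compare_digest(totp(self.token_secret, step * STEP), code):
                matched = step
        if pw_ok and matched is not None:
            self.last_step = matched   # burn the code so it cannot be replayed
            return True
        return False

if __name__ == "__main__":
    # Constructed sample values; the secret is the RFC 6238 test-vector key.
    acct = Account("correct horse", b"12345678901234567890", b"constructed-salt")
    code = totp(acct.token_secret, 59)
    print(acct.login("correct horse", "000000", 59))    # password alone: False
    print(acct.login("correct horse", code, 59))        # both factors: True
    print(acct.login("correct horse", code, 60))        # replayed code: False
```

With `drift=1`, a code is accepted for its own 30-second step and the step on either side, so a stolen code stops working within roughly a minute and a half even if it was never used.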

By utilizing multiple authentication factors, system owners can quickly make a non-legitimate login more difficult. Users should enable multi-factor authentication for any accounts that contain sensitive information, such as banking or email accounts.