What is Multi-Factor Authentication and Why Should You Have it?
The Status Quo: Single Factor Authentication
You’re probably familiar with normal authentication by now. It’s made up of typically two things: your username and password. And if you know your username and password, you can get into a site, right? It’s a good basic first level of security. But if you happen to use that same username and password somewhere else, and that site gets compromised, it can be used to compromise other sites where you happen to use those same credentials. And if we’re being honest, those credentials can often be guessed again and again. So single-factor authentication has some limitations, and it’s easy for accounts to be hacked. The solution? Multi-factor authentication.
The Future: Multi-Factor Authentication
So what is multi-factor authentication (MFA)? It combines two or more different factors, typically something only you would know or have. Bank cards are a great analogy in this situation. If you think about your traditional bank card, you need your bank card as well as your pin. Having your bank card alone doesn’t get your cash out of the machine and neither does having your pin alone. You have to have the two of those things in combination. This combined layer of security adds a layer that makes it much harder to compromise.
There are two classic applications of MFA these days. In addition to your username and password, the site might send you a text message to your phone. This way you have to enter a code in order to authenticate. Although better than single factor authentication, it does have its weaknesses. It can be compromised by someone taking over your phone number or intercepting a message. This would be considered the weaker form of MFA. The stronger of the two would be an authenticator application that runs on your phone and generates codes on a regular basis. This way you have to know your username and password, but also must have access to the exact device at the time of login.
Why Should You Use Multi-Factor Authentication?
MFA is the best thing that individual users can do to protect themselves. Google and Microsoft have both independently done studies on the effectiveness of adding MFA to protect your accounts. Their findings? It increases the effectiveness of your security by over 99%. In simpler words, it reduces the likelihood of a successful attack to less than 1% of what it would otherwise be. In security, we’re a big believer there’s no such thing as a silver bullet, but multi-factor authentication is as close as it comes. And it’s effectively zero cost for the sites that support it.
Watch the video from our webinar about Cloud Security Best Practices to learn more about MFA and other ways to stay safe from cybersecurity threats.