Here is an informative and helpful tip to keep you, your family, and your businesses safe in cyberspace.
Today’s topic: Multi-Factor Authentication
With news reports of an ongoing Microsoft Exchange Server hack that has affected over 30,000 organizations to date, online security should be everyone’s top priority. One simple practice to raise your security posture that we are discussing today: multi-factor authentication.
What is Multi-Factor Authentication?
If you have ever entered a password and then received a code via text message, then you already know what multi-factor authentication is: multi-factor authentication (MFA) requires a person to provide multiple factors to verify their identity, in the preceding example a password and a one-time code. 2 Factor Authentication (2FA) is a specific subset of MFA where only 2 factors are used, although practically speaking the two terms are often interchangeable.
Why is MFA important?
If a hacker compromises a database of passwords and a user does not have MFA, then the hacker can easily access the account. With MFA, there is greater security against hackers being able to impersonate users—unless they have exploited both means of authentication.
What are recommended second factors of authentication?
Unfortunately, with the proliferation of SMS spoofing (where a hacker pretends to possess your cell phone in order to receive text messages intended for you), a text message code sent to your phone is no longer a recommended security practice, although it is still much better than simply using a password and a practice effective in most cases. To have more peace of mind, however, using an app such as Google Authenticator or Duo Mobile Security is considered a more secure way to authenticate. Plus, it works even if your cell connection drops!
Does X service support MFA?
To find out, this handy website has catalogued major services and whether or not they support 2FA:
If any of your accounts support 2FA and are not yet protected by 2FA, set it up today!