Multi-factor authentication (MFA) is a security and authentication protocol that has grown significantly in popularity in the last few years. You’ve probably seen the term somewhere by now, and you may even have used it in your personal life.
Now, it’s time to understand what this technology is and the basics of how it works. Because MFA has gone from “probably a good idea” to mission-critical: your business needs to switch to this more secure technology. Here’s why.
Multi-Factor Authentication Defined
Multi-factor authentication (MFA) s a method of establishing identity that requires more than one type, or factor, of identification. We know, this definition isn’t the most illuminating, so here’s an example or two.
MFA is the technology in play when you log in to your bank or other secure site, and the website requires you to input a code that it texts or emails to you. Your login info is the first factor of identification or authentication, and the temporary code is the second.
Or, when you log into a site or device from your smartphone or Mac, sometimes it asks for your fingerprint (or for a Face ID check). This is also MFA: you provided some kind of credential (like a username and password) as the first factor of authentication, and your fingerprint or 3D face scan serves as a second factor.
Why Multi-Factor Authentication Is More Secure
MFA solutions are more secure than single-factor authentication because it is inherently more difficult to prove identity in two or more ways than in one.
We’ve talked before on this blog about how terrible the username and password system is: they’re easy to steal, easy to hack, and hard to remember. Worse, people reuse their passwords across dozens of sites (even if they know they shouldn’t!).
With single-factor authentication (username + password), all it takes to access an account is stealing, hacking, or even guessing a user’s password. Think honestly for a second about where you — personally — keep a record of your own passwords. We hope they aren’t on a sticky note under your keyboard. But wherever they are, how confident are you that no one could ever gain access?
But with MFA, a username and a password aren’t enough. A bad actor would have to gain access to at least one additional factor of authentication. This isn’t impossible to do, but it’s much, much harder.
Think of how much targeted effort it would take to gain access to one of these:
- Your text messages
- Your fingerprint
- Your eyeball
- Your entire face
- A key fob you carry in your pocket at all times
- A secure app on your phone
It’s not hard for you to access any of these things. But all of them are going to pose a problem to any random hacker that bought a list of compromised credentials on the dark web.
Why Your Business Needs MFA Right Now
So, MFA is much more secure than single-factor authentication. But does your business really need it right now?
Yes, it absolutely does. News of new data breaches breaks almost daily, and credentials — usernames and passwords — are frequently a part of these breaches. There have never been more stolen credentials in circulation than there are right now.
If your company doesn’t have strict password controls in place, chances are very high that some of your credentials are already out there. It’s only a matter of time before the right person tries the right credentials and breaches your system.
Will MFA stop highly targeted “TV-style” attacks? Probably not. But those attacks are extremely rare. MFA does stop most crimes of opportunity, where hackers simply try compromised credentials widely until they get in.
You don’t want to wait until it’s too late to make this change. Now — not later — is the right time. And there’s good news here: it’s never been simpler or more affordable to implement MFA across your systems. If you’re ready to make this move, reach out today. Blue Ridge Technology is happy to help you implement MFA for your business.