What Is MFA? Your Guide to Multi-Factor Authentication


If there were a tool that prevented 99% of cyberattack attempts, was free to use, and only took a few minutes to set up, would you use it? It’s kind of a silly question because of course the answer is “Yes!!” Microsoft found that MFA, or Multi-Factor Authentication, can stop over 99.9% of cyberattacks that try to hack in through an account password. But what is MFA? Below, we define it and discuss how it works.

What Is MFA?

MFA is an additional security measure that requires not only a password and username, but also something that the user has on them, like a physical key, in order to log in. With MFA enabled, even if someone knows your password, they can’t access your account unless they also have possession of the second form of identification.

MFA is great for remote workers because it adds an extra layer of security to their accounts. Even if someone manages to get their password, they can’t access the account without also having possession of the second form of identification, which can be something like a physical key or a code sent to their phone. This makes it much more difficult for hackers to gain access to accounts, even if they have the password.

How Does MFA Work?

Typically, MFA works by sending a text message or email to your phone or computer with a code that you then input to log in, in addition to your password. This code is known as a one-time passcode (OTP). OTPs can also be generated by an app on your device or by a security key that’s inserted into your computer’s USB port.

You can also set up MFA so that it requires you to answer a question like “What’s your favorite color?” or “What was the name of your first pet?” before it will let you log in. This is known as Knowledge-Based Authentication (KBA) and is considered less secure than using an OTP because the answers to questions like these can often be found through a bit of digging on social media.

OTP codes are generated by an algorithm that uses both a secret key known only to you and the current date and time. This means that even if someone were to intercept the OTP code that’s sent to you, they wouldn’t be able to use it because the code would have expired by the time they tried to input it.

MFA can also be used to approve or deny certain actions within an account, like making a purchase or transferring money. In this case, you would typically get a notification on your device that you then have to approve before the action can be carried out.

So, Why Isn’t Everyone Using MFA?

Multi-Factor Authentication isn’t perfect. For one, it’s an extra step that can be annoying for users, especially if they have to do it every time they want to log in.

Another issue is that MFA can be bypassed if an attacker has access to your device or knows the answer to your KBA questions. They can also use what’s called a phishing attack to trick you into giving them your OTP code.

Finally, MFA isn’t always available. Many older applications and services don’t support it, which can make it difficult to roll out MFA across an entire organization.

Despite its shortcomings, MFA is still the best defense we have against password-based attacks, which are becoming more and more common. So, if you’re not using MFA yet, now is the time to start!

How to Implement MFA

Here’s a quick overview of how to set up MFA on different platforms:

For Microsoft accounts, like Outlook, Hotmail, OneDrive, or Xbox Live, go to the Microsoft website and sign in. Then click on the Security tab and scroll down to “More security options.” From there, you can select “Set up two-step verification” to get started.

Dropbox also has a pretty simple setup process. Just sign in to your account, click on your profile picture or initials in the top-right corner, and select “Settings.” Then click on the “Security” tab and scroll down to “Two-step verification.”

If you’re using Google services like Gmail, YouTube, or Drive, go to your Google account security page and sign in. Then scroll down to “2-Step Verification” and click “Get Started.”

Once you’ve enabled MFA for your accounts, make sure to keep your devices and apps up to date to avoid any security vulnerabilities. And, as always, if you suspect that your account has been compromised, change your password and enable MFA right away.

Stop Cyberattacks with Simple Systems

Enabling MFA is a great first step in protecting your online accounts. But, if you really want to safeguard your data, you need a comprehensive security solution that includes firewalls, intrusion detection and prevention systems, and more.

At Simple Systems, we offer managed IT services that can help keep your business safe from cyberattacks. We’ll work with you to create a custom security solution that fits your unique needs and budget. And, we’ll even manage all of your IT systems for you so you can focus on running your business.

To learn more about our services or get a free quote, contact us today.