The importance of multi-factor authentication (MFA)

Security. Passwords. Protection.

Every business and individual has these measures in place to protect their data, but whether they are secure enough is another question. Most users assume their passwords will keep their information safe, but even the strongest of passwords can be vulnerable. In fact, data breaches, malware, device theft, and many other methods can be used to compromise digital passwords – this is where multi-factor authentication (MFA), or two-factor authentication (2FA) comes into play.

The technology adds an extra layer of security that a password-only login cannot. As we have established, the traditional password is becoming more at risk and so additional information as another layer of security is crucial. According to the NCSC’s UK Cyber Survey, only 15% of people say they know a great deal about protecting themselves online, which is a significantly low figure. Here is a rundown of the 3 different types of factors to increase security using 2FA:

1. Something you know

The first factor is called knowledge-based authentication (KBA), and involves something the user knows. This includes passwords, a PIN or the answer to a security question.

Security questions are often used to recover an account or verify a user’s identity and this is where dynamic KBA and static KBA are implemented. Dynamic KBA is more secure and generates questions based on data records such as credit history or public records. This makes it very difficult for hackers as they’ll need access to the correct databases. Whereas static KBA allows users to select and answer their own security questions, meaning a hacker may only need to know the name of the user’s pet.

2. Something you have

The second factor is something the user possesses, such as an ID card, a security token, an SMS message, QR code or a smartphone app that generates a one-time password (OTP). Using this method, regardless if the hacker has the correct username and password, they can’t get into an account without the physical key.

3. Something you are

Last, but certainly not least, inherent factors are one of the most secure ways to safeguard data as it uses your biometric data. This includes fingerprints, retinal scanning and voice recognition. Finding out a pet’s name can be an easier search for a hacker, but stealing a fingerprint or retina scan without the user knowing is a rare skill most thieves don’t possess!

This layer of security also prevents data breaches from the inside. For example, if employees are limited by biometric factors, those without authorization won’t have access to areas they’re not supposed to.

Two-factor authentication should matter to everyone, particularly businesses wanting to guarantee security. Headlines about large-scale data breaches are unfortunately quite common and cost millions. IBM reported that healthcare breaches cost $9.23 million per incident – a $2 million increase over the previous year. The information that is stolen, in many cases, includes usernames and passwords which can create an opening for cybercriminals. However, those covered by 2FA can relax a little and trust their information is safe and protected.

With the increase of remote working due to COVID-19, two-factor authentication is essential as businesses are choosing to work from home more often. This means that networks will exist outside the office and therefore cannot be kept as secure. In LastPass’ 2019 report, it is stated that only 57% of businesses globally were using MFA. It is not difficult to integrate and manage this level of security and should be a priority for every business, particularly those working from home.

Regardless of which security method is used, one thing is for sure: 2FA is an essential element of cybersecurity, no matter how inconvenient a user may think it is. Each of these authentication methods have their own strengths, and some are better suited to specific industries than others. The critical thing to remember here is that there is no such thing as too much cybersecurity.

If you’re interested in protecting your network with two-factor authentication, Veratrak has included this in their recent update. Request a demo on our website today.