The terms two-factor authentication and multi-factor authentication (MFA) are thrown around pretty liberally, but not everyone really understands what they are or why you should use them to protect yourself.
Why People Need MFA
Many people (as many as 54%) reuse the same password on multiple websites. When one of those is the login to your personal bank account, you could be at risk if you don’t use extra security measures. When hackers steal one account login, they use credential stuffing techniques to try that same login on other accounts, and you know what? Often they do succeed. With a little work, they could take over all your accounts and lock you out, draining all your funds.
Thankfully, banks and other companies are now offering multi-factor authentication systems as additional security to protect all your accounts and assets.
What is Multi-Factor Authentication?
Multi-factor authentication definition: Multi-factor authentication (MFA) is essentially additional steps or layers of security to keep your accounts safe. Rather than just entering a username and password, MFA uses fingerprints, facial recognition, biometrics (like retina scanning), PIN codes, SMS codes, and other ways to validate your identity before allowing you to log in. Another popular authentication method is using an authenticator app and entering the code it shows on the website to get in. Although it can be frustrating to wait for a text message code when you just want to log in, you will appreciate these extra steps when they prevent hacking, account takeover, and theft.
If your debit card is stolen, a thief would need your PIN to get into your account. That is one example of multi-factor authentication. Another would be your bank login protected by a code that is texted to your phone. Some others are:
- You must provide the answer to a security question before you can log in.
- You cannot log in until you provide a numeric code that is texted or emailed to you.
- A one-time password is randomly generated and sent to you to use via your email account.
- Other examples include fingerprint, voice, or facial recognition on mobile devices before you can log in or use features of a specific app or website.
Depending on the company, you may be able to set up multiple layers of identity verification, such as only allowing logins from a specific location or using other means to verify that it is really you logging in. You can also limit login attempts and then shut off access to your account. That works well to prevent brute-force attacks.
How Does MFA Work?
MFA works by having you provide at least two pieces of identification, which might include a username/password combo along with a PIN, FaceID, or fingerprint scan. Once you turn on these items within apps, your device is remembered, so you don’t typically have to do anything else except use it.
MFA solutions combine three ideas to add an extra layer of security: information you know (such as a PIN or password), a second factor that is something in your possession (a card to swipe, smart card, mobile phone, physical token, security key, key fob, or hardware token), and something unique to you, such as your fingerprint or facial recognition. Sometimes devices or apps use AI to include other factors, such as your geo-location or IP address, before allowing access.
According to a Google survey, around 86% of people feel that using the MFA authentication process makes their accounts much more secure.
The most advanced and user-friendly type of multi-factor authentication is adaptive MFA, which combines single sign-on with MFA. Adaptive authentication turns steps on and off based on the number of login attempts, incorrect passcode entries, inability to verify the user’s identity, and other steps along the access management flow. Basically, the adaptive system changes as necessary so that the end-user can access their accounts, but fraudsters cannot.
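A sketch of the adaptive behaviour described above, together with the login-attempt limit mentioned earlier. This is an added example, not code from any MFA product; the thresholds, the signals used (remembered device, country) and all names are assumptions.

```python
from dataclasses import dataclass, field

STEP_UP_AFTER = 2   # assumed: failures before a second factor is forced
LOCK_AFTER = 5      # assumed: failures before access is shut off

@dataclass
class Account:
    devices: set = field(default_factory=set)    # remembered devices
    countries: set = field(default_factory=set)  # usual login locations
    failures: int = 0
    locked: bool = False

def record_failure(acct: Account) -> str:
    acct.failures += 1
    if acct.failures >= LOCK_AFTER:
        acct.locked = True
        return "locked"
    return "deny"

def password_step(acct: Account, ok: bool, device: str, country: str) -> str:
    """After the password check: allow, deny, lock, or ask for more proof."""
    if acct.locked:
        return "locked"
    if not ok:
        return record_failure(acct)
    unfamiliar = device not in acct.devices or country not in acct.countries
    if unfamiliar or acct.failures >= STEP_UP_AFTER:
        return "second_factor"               # extra step switched on
    acct.failures = 0
    return "allow"                           # low risk: no extra step

def second_factor_step(acct: Account, ok: bool, device: str, country: str) -> str:
    """Call only after password_step returned 'second_factor'."""
    if acct.locked:
        return "locked"
    if not ok:
        return record_failure(acct)
    acct.failures = 0
    acct.devices.add(device)                 # remember for next time
    acct.countries.add(country)
    return "allow"

def replay(acct: Account, events: list) -> list:
    """Run constructed (step, ok, device, country) events through the policy."""
    steps = {"password": password_step, "code": second_factor_step}
    return [steps[s](acct, ok, dev, cc) for s, ok, dev, cc in events]
```

A familiar device in a usual location gets in with the password alone, a new device or a run of failed attempts triggers the second step, and enough failures lock the account even if the correct password is supplied afterwards.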
Some systems use an OTP (one-time password) or methods of inherence that work to keep cybercriminals out.
How to Use Multi-Factor Authentication to Protect Yourself
Multi-factor authentication only works if you use it. More and more companies are starting to offer this type of security. MFA is used in cybersecurity to prevent cybercriminals from gaining access to your stuff. Some areas to remember to use it on are:
- Go into your smartphone and turn on FaceID or Fingerprint ID in all your mobile apps and for the phone so that even if your phone is lost or stolen, the thief cannot get into your stuff.
- Bank and credit card companies. Log onto your accounts and turn this feature on for all sensitive accounts.
- Social media accounts can be at risk for hacking, too, and criminals can post things in your name. Turn on MFA in these accounts to protect yourself.
- Most email vendors (Gmail, Yahoo, Microsoft, and Outlook) offer MFA for protection.
- If you have medical accounts online, turn MFA on there, too, to keep your medical information and health data private.
- Retail accounts are also at risk, and if a hacker takes over, they can buy stuff charged to your name and account.
Other Tips to Protect Your Accounts
You cannot be too careful these days when protecting your digital life. Some other simple tips for protection are:
- Never click links in an email.
- Watch out for suspicious/phishing emails and educate yourself on cyberattacks.
- Do not connect to public Wi-Fi without using a VPN to protect your logins.
- Keep all your devices updated with the latest security patch.
- Install good antivirus/anti-malware software and run deep scans often.
- Never reuse passwords on multiple websites.
The best thing you can do to protect yourself online is always to use common sense and walk away if it feels wrong.