Cracking Multi-Factor Authentication Requires A Lot More Than Guessing A Password

When discussing identity authentication when IT is concerned, the use of passwords is most likely the first thing to pop into one’s mind. However, there are other methods of authentication that may be combined with the use of a password to increase security. This practice is known as Multi-Factor Authentication, or MFA, although it is also called Two-Factor Authentication, or 2FA.

The Factors That Are Used for Authentication
MFA/2FA relies on ascertaining the identity of the individual attempting to log in by utilizing methods that fall into one of three categories, most often from at least two of these categories:

• Something they know: including passwords, usernames, and PIN numbers.
• Something they have: such as a one-time code that is received via a specialized application or through an email message, a physical token that grants them access, or even the SIM card of their phone.
• Something they are: for example, the use of fingerprints, voice recognition, or other biometric authentication methods.

By combining these methods, it becomes much more difficult for a network or data storage to be accessed by someone who should not do so. These methods may be combined in various ways in order to protect a business’ assets.

Why MFA Is Important
Taking recent security events into consideration, the importance of adding more security than a username and password to your critical files has never been more clear. When databases containing hundreds of username/password combinations are being breached, requiring an additional form of authentication is an excellent way to secure your critical data and prevent it from being accessed by someone without the proper clearance.

MFA in Action
As one might assume, there are many ways that the numerous methods of providing authentication may be combined to ensure security.

Most commonly, the first step to access a business network is to log onto a workstation, which requires a password and username. Occasionally, this step will also require a biometric method before allowing the user access. From there, in order to access the network, the user may be required a few different forms of authentication. These could range from a secondary password delivered via a password manager to a generated, one-time password delivered via mobile device.

By combining these steps, a MFA/2FA strategy takes shape to better protect your business from unwanted entry.

Of course, we’ve only scratched the surface of how MFA/2FA can be leveraged to secure your business. Reach out to us at vCTO Secure for more information how to protect your business using multi-factor authentication. Give us a call at (206) 895-5595.