Two-factor authentication (2FA) or multi-factor authentication (MFA) is critical for securing your cloud-based or remotely accessible systems by adding a second verification step (two-step) in the logon/authentication process.
The security of two-step verification lies in its layered approach. Compromising multiple authentication factors presents a significant challenge for attackers. Even if an attacker manages to learn your password, it is useless without also having possession of the additional authentication method. It works by requiring two or more of the following authentication methods:
- Something you know (typically a password)
- Something you have (a trusted device that is not easily duplicated, like a phone)
- Something you are (biometrics like fingerprints or facial recognition
Why is your bank ATM secure? When you think about your ATM PIN, it’s easily guessable because it’s generally known to be a 4-digit number between 0000-9999. Not exactly a great password! However you also need your ATM card which only you have. With respect to ATM withdrawals, Your PIN is useless without the card and the card is useless without the PIN.
Most modern cloud-based systems and services have an option to enable 2FA/MFA. We recommend you turn these on now. Check settings under your account or profile.
Typically it works like this:
- You are presented with your standard logon screen
- You enter your ID and password
- You will then be prompted to enter a verification code tied to something you own like your phone. This could be a text message, an app with an ever changing code, or a phone call.
After you enter the verification code, you will be allowed to logon. If an attacker tried the same thing, like if they had your ID and password, they would get stopped at the verification step.
-Jeremy
