In 2004, Bill Gates proclaimed that using a password to protect computer information is “dead”. As the founder of Microsoft and the head of the largest software company, he was able to get a new perspective that few receive. Bill Gates identified problems in the IT industry that wouldn’t plague the world until almost two decades later. As he was concerned with phishing, identity theft, and problems that could happen due to weak passwords, he recognized multi-factor authentication (MFA) as the cure. Today, many of us use MFA in our personal and professional lives. But how does it protect our data and information? In this article, we will discuss what MFA is, its components, why should we use it, and the benefits of implementing it in your organization.
So, what is multi-factor authentication? (MFA)
MFA is a security policy that requires more than one authentication. It means that this layer of security combines two or more independent credentials as outlined below. Implementing MFA helps to ensure logins to your information are legitimate and adds layers of protection. This makes it harder for hackers, as passwords have become easy to guess and hack with password permutation software. All authentication techniques fall into one of three categories:
This involves what you know, which means it uses a secret that is known to the user. Examples include passwords or PIN codes. Knowledge factors are the most used form of authentication, where the user needs to use a string of characters or answer a series of questions. While knowledge factors can protect data and logins, when implemented alone it offers little security. More computer programs are created to hack passwords, and other people might know the answers to your questions, such as close friends, relatives, and acquaintances. With many employees working from home this year, attacks have grown exponentially on single factor protected accounts. It’s imperative to implement knowledge factors with other factors to optimize the level of protection of your logins and information.
Possession factors involve what you have, which means it uses physical objects that belong to the user. Examples include connected tokens which are items that are physically connected to a computer to authenticate your identity. This can include items such as a USB stick with secret tokens or PIN generator devices.
As USBs can be lost or stolen, using an authenticator is a great way to keep an account secure. Examples include authenticator apps (e.g. Google Authenticator, Microsoft Authenticator). These apps generate a unique code every 30 seconds that must be entered for logging into the secured account. Setting up authenticators is becoming more seamless, with it being as easy as scanning a QR code with an authenticator app from your phone.
This involves what you are, which means the biometrics encode some physical characteristics of the user. Examples include fingerprints, iris, or voice recognition. Aside from these examples, keystroke dynamics are becoming more popular (e.g. typing speed, pattern in key press intervals). Biometric authentication continues to be more robust and commonplace in modern technology. Laptops and smartphones now boast biometric authentication technology, and it will only become more sophisticated as time goes on (e.g. iPhones using Face IDs and Android using iris scanners to unlock smartphones).
Why should we use MFA?
The data shows that 99.9% of compromised accounts did not use multi-factor authentication, and overall, only 11% of organizations use MFA. It’s no surprise that most of us are already using MFA in our personal lives, such as bank card PINs, and unlocking your smartphones with a pattern. By implementing MFA in your organizations, you’ll add layers of security to your logins and data and avoid most attacks and exploits. This is because the amount of time and resources required for hackers to break MFA is significantly higher, so they tend to avoid it.
What are the benefits of using MFA?
There are plenty of benefits to using MFA. It is designed for ease of use, protection in case the password database is compromised and makes it harder for hackers to access confidential information. When paired with conditional access, MFA can increase security exponentially. Also, when paired with single sign-on, passwords can be eliminated.
While MFA adds a significant layer of security to your information, it’s not a silver bullet. It’s only a piece of a comprehensive security picture. You must still implement best practices to ensure your passwords are not too simple and make sure not to lose your USB tokens and keep your smartphones protected, so your authenticator app is not compromised. Hackers can still utilize exploits and other types of attacks.
MFA is specifically designed to reduce the inherent weakness of passwords and can be paired with other technologies to increase security. MFA is also a piece of comprehensive security picture, which involves people, policy, and technology. SysGen’s Managed Security offering and a team of experts can help you implement MFA in your organization.