Frustrated by IT?

Book a free consultation to see how we can help

Confused by the Cloud?

Book a free consultation to see how we can help

Struggling to manage your data?

Book a free consultation to see how we can help

Engage IT Services

Keeping IT simple, we engage with you to provide the right solutions for your business.

What is Multi-Factor Authentication (MFA)?

by | Jun 6, 2022 | News, Security & Compliance

In my previous post, I explained how you can improve your password security by using a Password Manager. In this post I will explain how you can further enhance your account security with another layer using Multi-Factor Authentication (MFA).

Traditionally a username and password were considered enough to verify your identity, but today with the steady rise in cyber-crime, they are often too easily breached.

Most online services offer an additional way of verifying your identity and financial services will enforce it; if like most people you are using online banking, you are already using a form of MFA without necessarily knowing it.

MFA uses a combination of factors to confirm your identity when you login to a service. For example, the most common kind of factor is a password; something you know.

The most common forms of factors are:

Something you know

Like a password or PIN.

Something you have

Like a smart phone or secure USB key.

Something you are

Like a fingerprint or facial recognition.

2-Factor Authentication (2FA) is a subset of MFA, and only uses 2 of the above factors.

How does MFA work?

The easiest way to use MFA for your Microsoft 365 account is to install the Microsoft Authenticator app on your smartphone. Once the app is installed, your Microsoft account is easily added by scanning a QR code in the Account>Security Info section.

When you login to your account with your username and password, your phone will now prompt you to approve the login:

MS Authenticator Image 1

If your phone supports fingerprint or face recognition the app will also require this additional verification.

Therefore, to access your account you also need access to your phone. So even if a hacker does breach your password, they would struggle to bypass this second level of authentication.

Other accounts are easily added to the Microsoft Authenticator app and work in a similar way by generating a 6-digit code which will be required at login:

MS Authenticator Image 3

Why use MFA?

Passwords alone are no longer secure enough. Identity theft is an easy, low-risk, high-reward crime for cyber-criminals and a threat to all businesses. Password theft methods are constantly evolving and include brute-force attacks, pharming, phishing and keylogging.

If a hacker were to breach your password and you have MFA enabled, they would also need access to your phone (or another MFA device) to complete authentication.

According to Microsoft this is one simple action you can take to prevent 99.9 percent of attacks on your accounts.

How many times have you seen on Facebook;

“Don’t message me I think my accounts been hacked.”?

This is usually down to a weak password that has been easily breached, but all major social media platforms also support MFA and if enabled would have likely prevented the account breach.

MFA does not cost anything, most services such as Microsoft 365 offer this as standard and the Microsoft Authenticator app is a free download.

MFA is not just for business and financial use, consider it for all your personal online services, particularly social media.

The Microsoft Authenticator app can store multiple accounts which can be easily added, usually by scanning in a QR code.

MFA is not as intrusive as you may think. If you are accessing services through standard applications such as Outlook on your PC and phone, MFA will only ask you to reauthenticate every 90 days. It is only when accessing services from a new device that you will prompted for MFA authentication.
Oher services will act in a similar way and allow you to trust devices for a certain period before you must re-authenticate.

Summary

Many organisations are still hesitant to deploy MFA due to the misconception that it can be expensive and time-consuming to implement. In reality MFA solutions are in-expensive and often extremely easy to deploy.

If you would like help to improve your security and implement MFA in your organisation, contact us today to see how we can help.

Get in Touch

Complete our contact form and we will get back to you as soon as possible.

Or call 03333 057577

Give us a call for an informal chat to discuss your requirements and arrange a complimentary consultation.

Providing IT Services & IT Support for Small Businesses & Charities in Hampshire, Surrey & West Sussex.

Keeping IT simple, we engage with you to provide the right solutions for your business.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Engage IT.

Website

You have Successfully Subscribed!

Pin It on Pinterest