What is Multi-Factor Authentication?
Posted on: April 15th, 2020
Using only a password to secure your accounts is no longer secure enough. However, many businesses have not implemented the most straightforward security tools for protecting their accounts and sensitive data: Multi-Factor Authentication (MFA). Keep reading to find out what MFA is and how it can protect your business.
What is MFA?
MFA is an additional layer of security, on top of the standard username and password. The user receives a prompt to provide further information before they can access their account. The authentication factors must come from two or more of the below:
- Something you know (e.g. a password)
- Something you have (e.g. a phone or physical token)
- Something you are (e.g. your fingerprint or an iris scan)
Many MFA solutions take into consideration the context of the login, flagging unusual attempts. For example, they might look at the time and location of the access and the device used.
Why is MFA important for a business?
Did you know that around 90% of passwords can be cracked in less than six hours? Attackers can test millions of passwords each second. MFA creates a layered defence. With MFA in place, accounts are protected by additional authentication, even if your passwords are compromised through a phishing attack. An attacker will be unable to log in without possession of your physical device, like a security token or phone, or something you are, such as a fingerprint scan.
People are accustomed to using MFA in their personal lives, as many websites required these security measures, such as online banking and social media sites. The Australian Cyber Security Centre (ACSC) recommends that businesses implement MFA for remote access solutions, users performing privileged actions and users accessing sensitive information, at a minimum.
Back to all blog posts