Blog

The Many Factors Of Multi-Factor Authentication

Posted by Integrity Staff on November 7, 2019 at 10:00 AM

multifactor-authentication

 

Passwords are often considered the ultimate step in keeping data secure. 

As long as the user never writes it down where another person could find it, or tell another person, their personal data would remain intact.

However, passwords are no longer as secure as they once were.

While having a password in place can stop someone casually trying to get a look at something they’re not supposed to, they do little to prevent cyberattacks from experienced hackers.

This is where multi-factor authentication comes in. 

 

What Is Multifactor Authentication?

Multi-factor authentication, or MFA, requires more than just a password to ensure the user logging in is the person that’s supposed to be there.

Multi-factor authentication is comprised of three main parts: 

  1. what the user knows
  2. what the user has
  3. who the user is 

There is another version that added two more levels: where the user is and what the user does. While a small- to medium-sized business (SMB) may struggle to enact all five, any combination of these factors can help keep data safe from cyberattack. 

Let’s take a closer look at them.

 

How secure are your passwords? Find out by taking this cybersecurity assessment.

 

What The User Knows

This is the password. 

While it’s not the safest form of safety on its own, it’s still the first line of defense. Creating a password with capital letters, numbers, and symbols can prevent the average person from getting into sensitive data. 

This is the crucial first step every SMB should use to keep their data and their clients’ data safe.

 

What The User Has

This is the security question. 

Banking sites are well known for them. They ask things like what your mother’s maiden name was or the name of your early childhood pet. The question asked shouldn’t be commonly known among the user’s colleagues or peers, such as the user’s maiden name or brand of vehicle driven. 

This is one of the easiest factors for an SMB to employ beyond a password alone.

 

Who The User Is

This is the biometric factor. This means that some part of the user’s physical being is needed for the authentication process. This is usually something like a fingerprint or retina scanner. 

While biometric authentication is incredibly safe and hard to break, it also may be cost-prohibitive for many SMBs. 

 

Where The User Is

This factor tracks the most common login points for information and sends a warning if the account is logged in from a different place. 

This is most common with tech services such as Google, warning its users when their email has been logged into from a new device. 

This is an excellent service for SMBs to use, especially if they give their employees work devices to use. 

If someone has logged into an account from a device that was not logged by the company, it could be an instant giveaway that the login may not be legitimate.

 

What The User Does

This is a lesser-used form of authentication but serves as another secure step. 

When the user logs in, there’s a tactile movement that must be performed. 

This could be a hand gesture to a camera, although some argue cameras aren’t advanced enough to tell certain motions from others. 

It could also be a series of clicks in a pattern known only to the user, similar to the lock screen on some mobile phones. 

The biggest downside with this is that most users will pick repeated patterns that make it easier for hackers to figure out. 

An SMB looking to use this feature should give their employees specific randomized motions to make it safer.

While it would be cost-prohibitive for most SMBs to make use of all five of these factors, any combination of them will instantly increase the protections on a company’s servers. 

In a world where cyberattacks on businesses are increasingly more common, every little bit helps. 

New Call-to-action

Image by ar130405 from Pixabay