The primary source of accessing our online accounts is with our usernames and passwords. We’ve been educated on how important it is to create strong passwords containing a variation of upper case, lower case, and special characters etc. However, nowadays, this is not a strong enough security measure to protect people from cyber-attacks.
Did you know:
- 90% of passwords can be cracked in less than six hours
- Sophisticated cybercriminals have the power to test billions of passwords every second
(Source: The Business Journals)
This is why multi-factor authentication is such a significantly important factor to overall online security.
What is multi-factor?
Multi-factor authentication (known as MFA) is one or more additional layers of security on top of a password. It’s there to confirm that only authenticated users can gain access to the requested online platforms.
How does it work?
Step one: A user visits an online platform and enters the username and password.
Step two: Additional information will then be requested before access is granted.
Examples of these additional pieces of information are as follows:
- A verification code or SMS code may be sent to the mobile phone affiliated with the account, or an authenticator application.
- A request to enter the answer to a personal question. For example, the town the user was born in, or their mother’s maiden name.
- There could be a biometric request where facial recognition or fingerprint touch ID is required.
The additional layer(s) of authentication must be entered to complete the log in process.
There are many multi-factor authentication methods available, but all forms of MFA offer better protection than passwords alone.
Adding these additional layers of security significantly lowers the chances of scammers being able to access sensitive data, commit identity theft or fraud. This is due to it being highly unlikely that cybercriminals will have access to all authentication factors.
Does multi-factor authentication guarantee safety from cyber attacks?
MFA isn’t a guarantee that users are 100% safe from cyber-attacks. This is due to social engineering being a huge risk to security, along with typical human error. However, it does dramatically lower the chances of accounts being hacked, so we absolutely advise that you configure this on your accounts if you have not done so already.
How can we help?
In addition to a secure IT infrastructure, all employees should undergo up-to-date training, so they are equipped with the knowledge to help with the business’s overall online defence and safety.
If you are interested in learning more about how our IT services can help protect your business, please don’t hesitate to get in touch with us. We’d be happy to help.