Security risks are everywhere, especially in the digital world. Your passwords are never as safe you think they could be, and cybercriminals are rampant. The more layers of protection you employ, the better.
One thing you'll hear is to adopt multifactor authentication. What is multifactor authentication, though? It sounds complicated, but it's not.
Multifactor authentication uses several layers of protection to verify your identity. This keeps your data safe by keeping bad actors out. Our comprehensive guide below will give you a breakdown of how it works and why you need it.
Passwords, security questions, your fingerprint, and even your phone can be authentication factors. Each one usually falls into 1 of 3 categories. These are knowledge-based factors, physical-based factors, and biometric-based factors.
Each category has tons of options, making the combination potential quite wide. Your password is only 1 factor and falls into the knowledge category.
Security questions, PINs, and other such factors are still in the same category as your password. No matter how many questions you're asked, they don't count as unique factors. This means that methods that only rely on the knowledge category are not multifactor.
The number of questions or having a strong password isn't enough. To be secure, you need a variety of categories.
Physical and biometric are the two most popular categories, after knowledge. Many of us have dabbled which these, especially through our phones.
Physical factors refer to anything that requires physical possession. These include fobs, security tokens, and your phone. Your bank access card is an example of a physical factor since it uses an authentication chip.
Key card badges also count as physical factors, and there are even USB security keys. Physical factors can also often have overlaps with software. This has caused some to prefer the term "possession factor" instead.
The example most of us are familiar with is the two-step process on our phones. This is when one of your accounts links to your phone, such as your Google account. The SIM card acts as a unique physical authentication factor which is then read by mobile multifactor software.
When prompted by your login attempt, the software will often generate a code or PIN. These codes are temporary, creating a time limit that minimizes security risks. These external prompts can come via an app, text message, generated email, or your device's UI.
Biometrics is another factor that is hard to mimic or guess. A hacker or intruder can try to guess your password or even steal your hard drive or phone. One thing that's way harder for them to do is copy your face or fingerprints.
The fingerprint scan is a classic which many people use daily. Facial recognition is another one is has been gaining in popularity.
You can scan your retina or iris or use voice recognition to provide access. Many of these are almost impossible to fake, which gives you a powerful layer of security.
Outside of the three main categories, there are two others to consider: location and time-based. Location is self-explanatory. It uses your physical location, usually via your phone's GPS, to verify your identity.
If someone tries to log in from the other side of the world from where your phone is, you'll receive a notification. With the rise of VPNs and digital privacy, however, location can be tricky and annoying to work with. Time-based works in similar ways and can be more useful.
Time-based tracks when you last logged in or accessed a service. Oftentimes it's paired with a location factor to check you aren't in two places at once. It's always possible for someone to go on vacation and need to use their bank card or log in to work.
If you checked your account an hour ago from New York and now someone is requesting access in Bejing, it can't be you. This kind of combination of security factors is what multifactor authentication is about.
People sometimes get confused about the difference between 2 factor and multifactor systems. The key is how many layers of protection there are. Each category we mentioned is its own layer.
Multifactor authentication requires two or more layers, whereas 2 factor only needs two. Unfortunately, this has caused people to refer to 2-factor authentication as multifactor. While technically true, this has caused tons of confusion.
It has caused users and customers to equate the two types equally secure. 2FA is not as secure as multifactor since it will never have more than two layers of protection.
To reap all the benefits of multifactor authentication, you should always go for 3+ layers. Last year, throughout 2020, cyberattacks had increased by over 1,280%.
When you hit "I forgot my password" on your computer, chances are you have to get your phone to complete the process. You have to unlock your phone, which often needs a PIN, password, fingerprint, or facial recognition. Then you need to pull up the access code and use it to verify your identity and reset your account.
Many of us are also used to receiving the "you're logging in from a new device or location" message. These are all layers of security that keep us safe from cybercriminals. We don't even think twice about the extra steps since they take only seconds.
If you have or handle sensitive data on a regular basis, it's crucial you protect it. Don't let a stolen laptop with a weak password cost you everything. Hackers can brute force passwords with automatic programs that guess all the combos.
They can also keylog you or steal your password. Some can even find ways to disable your phone's password or hide their real location. The more layers you have, the harder it is to crack and the safer you'll be.
Many people have been asking, "what is multifactor authentication," even though it's everywhere. Whenever you have to go through multiple layers of security to access your account, you're experiencing it. Much of it goes through your phone, but there are various other options as well.
Great security will always include a combo of security factor categories. At NCG It Solutions, we have experience in protecting what's important. Give us a shout today and find out how much more secure your data could be.
