Traditional usernames and passwords can be easily compromised. Multi-factor authentication (MFA) is a security control that requires users to verify their identities by providing multiple pieces of evidence before gaining access to a device or application. It is an enhancement over two-factor authentication (2FA), which requires only two pieces of evidence; this is the only difference between the two. A few examples of multi-factor authentication are codes created by authenticator apps on mobile devices, answers to personal security questions, codes sent to an email address or by SMS to a phone, and fingerprints.
And why is it important?
According to Entrepreneur, 90 percent of employee passwords can be cracked in six hours, and 65% of people use the same password in multiple places.
Microsoft manager Alex Weinert, by contrast, stated in a 2019 blog post: “Based on our studies, your account is more than 99.9% less likely to be compromised if you use MFA.”
What are the possible authentication factors?
Most common forms of 2FA
Here are a few examples of security code generating mobile apps:
These apps use the Time-Based One-Time Password (TOTP) algorithm. They generate a time-sensitive six-digit code, which you use to verify your login. The code typically refreshes every 30-60 seconds.
The latest advice from Microsoft is NOT to use MFA with SMS or Voice
Microsoft warns against SMS, voice calls for multi-factor authentication: Try something that can't be SIM swapped.
Sending codes over the insecure public telephone network isn't the way to go
Take a look at our help article to set up 2FA on your e-shot account.