Multi-factor Authentication Demystified

You have probably come across the term multi-factor authentication (MFA) lately. Sometimes it is referred to as two-factor authentication or 2FA. It is an IT buzzword today and is fast becoming one of the best practices of cybersecurity. So, what is multi-factor authentication, exactly? We’ll explain it that here.

Multi-factor authentication is just multiple barriers to data access and adds to the security of accounts protected with it. Imagine your data in a box and that box fit into another, and then into another–all with locks. It is basically adding layers of security to your data. In fact, you are likely already experiencing multi-factor authentication on a regular basis. For example, when you want to make a transaction online using your banking portal, chances are, it sends an OTP (one-time-password) to your mobile number that’s registered with your bank. Some banking portals also ask you for the grid numbers on the back of your debit card, some online transactions using credit cards ask for CVV or expiry dates.

Even Gmail, Facebook, and LinkedIn use multi-factor authentication when they see unusual activity in your accounts such as a first-time log-in from a device you haven’t used before, or a log-in at a time that you don’t usually access your accounts. Going beyond OTPs, Facebook takes multi-factor authentication a notch higher by asking you to identify a couple of your friends on Facebook or your most recent profile picture.

According to Wikipedia, Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is). In simpler terms, that means:

• As the first layer of security, we have passwords, answers to security questions, PIN numbers etc.
• The second layer includes authentication methods such as OTPs, security tokens, access cards, etc.
• The third, and final layer is something personal to the user. Examples include biometric validation such as an eye scan, fingerprint scan, voice commands or facial recognition.

So, you see, even something as simple as withdrawing money from an ATM has you going through the multi-factor authentication process. You need to key in your PIN number and use your debit card to be able to transact successfully. With cybercrime being rampant, businesses cannot rely on the old school access authorization methods using a single password or PIN. Ask an MSP today about setting up a strong, reliable, multi-factor authentication system for your data.