Multi-Factor Authentication
What is Multi-Factor Authentication?
Multi-factor authentication (MFA), sometimes called “two-step verification,” is a process that requires an additional way to verify that you are who you say you are when logging into a device or a user account. The process is very simple but very effective for keeping intruders from accessing your accounts and devices.
How to enable MFA
Many platforms and online services have adopted the two-step verification process to keep users’ accounts safe and secure. Check the privacy settings on your devices or applications to see if you are able to enable two-step verification. It is common in music, gaming, email, banking, and payment-type apps.
For how to access your privacy settings and enable MFA, see: National Cybersecurity Alliance - Manage Your Privacy Settings
Ways to use MFA
There are several methods of authenticating who you are when accessing your devices and accounts, and typically it is broken into three separate categories:
Something you know, Something you have, and Something you are.
Something You Know
Something you know is commonly your passwords and security questions that only you should know.
- Passwords
  - Passwords are the normal bread and butter for user accounts. They should be unique and strong to prevent intruders from accessing your accounts.
  - A strong password should have at least 16 characters in it with a mixture of upper and lowercase letters, along with numbers and symbols.
    - Weak Password: JohnDoe1234
    - Strong Password: Ev3ryD4y!$aGo0dD4y
  - If passwords become overwhelming or you are forgetful, there are many password manager apps that use encryption to keep those passwords safe and help you remember them.
- Security Questions
  - Many online services require you to choose security questions, and you then type in your answers for those questions when setting up new accounts.
  - These questions can range from “What was your first car?” to “Where was your favorite hangout when you were a kid?” Answers are normally case and spelling sensitive, so be sure to type your answer the exact same way you did on your initial setup.
- A PIN (Personal Identification Number)
  - Similar to a passcode to unlock your phone, a PIN can be short or long and can be used as a second layer for a log-in after your password.
Something You Have
Something you have is typically a one-time-use PIN or code sent to you via text or email, or something physical like an ID card or a specific key fob to access certain devices.
- SMS Codes
  - Some apps and programs offer a “text verification code” setting that is sent to you once you log in with your password. This access code must be entered in order to log in.
- Email Codes
  - Similar to text codes, when you do your initial log-in, you will be emailed a verification code to enter as a second layer of security before logging in.
- Authenticator Apps
  - These apps will constantly generate passcode numbers or pins that must be entered before granting access to the system you’re logging in to. Ensure your authenticator app is linked to the specific app or system you are using it for.
- Push Notification
  - Some apps or programs have the option to send you a notification on your phone that you have to accept to grant access to the system. Typically the notification will say something like, “A device is attempting to get access to your account. Please select confirm to grant this device access.”
- ID Cards
  - Many corporate offices or government offices have ID cards that are linked to the individual user and are required to be scanned or inserted into the device in order to gain access to the system.
- Security Key Fobs
  - Like ID Cards, some companies have security key fobs that are similar to USB drives; these plug into the computer and generate a code to access the account or device after entering your password.
Something You Are
Something you are refers to a method of using yourself as a secondary authenticator after a password log-in. Many devices have fingerprint, retinal, and/or facial recognition features to grant access to your devices and accounts.
- Fingerprint Scanner
  - The most commonly used secondary authenticator for devices and accounts is the fingerprint scanning option. This is a quick, easy, and secure secondary option to have, in addition to a password.
- Facial Recognition
  - This method is slightly newer than fingerprint scanners but is just as effective. Your device's camera activates after you enter your password and scans your facial structure to confirm the user.
- Retinal Scanner
  - This method is uncommon on smart devices or computers; however, some systems may use it. This method involves using a camera to scan the user’s eye(s) to grant access to devices and accounts.