Multi-factor Authentication (MFA) is a security tool that requires 2 or more pieces of evidence – or “AUTHENTICATION” – to prove or identify a user’s identity. MFA has become increasingly popular throughout a variety of devices, programs, applications, transactions, and systems. You most likely have run into it with mobile banking or access to certain websites that require advanced security. While for some, this extra step may seem annoying, needlessly time consuming or unnecessary, it is a critical component of a company’s and individuals online security.
MFA requirements can be controlled based on the security level required for a particular device application, transaction, or situation. For high level situations, like financial transactions, a higher level of user authentication is typically preferred. While a less critical or lower-level situation, like logging into a gaming App, may only require a lower level of user authentication.
Traditional usernames and passcodes unfortunately can easily be compromised and are highly vulnerable to cyberattacks. It is likely that in the past one or more of an individuals or organizations passcode(s) have become compromised. The premise behind MFA is that, while one source of identity authentication may become compromised, the likelihood of two or more independent forms of identification becoming compromised, is significantly much lower. For individuals and consumers, MFA prevents unauthorized users in possession of an ill-gotten passcode and basic personal information (e.g. mother’s maiden name, etc.), from accessing accounts and information. For example: blocking individuals from accessing email, social media accounts or banking information. For organizations, MFA helps to protect against unauthorized individuals, like former employees or cybercriminals, from accessing sensitive files.
Basic forms of MFA may include requiring an answer to a predetermined security question, or identifying a phrase or an image, in conjunction with a username and passcode to logon. Stronger forms of MFA may require a passcode sent via an email, phone call, or text message be sent to a user with a one-time-use code to access the site, application, or information desired. Larger companies like Google and Microsoft have free applications that can manage multiple MFA accounts. In some cases, even biometrics (fingerprint or facial recognition) is utilized. Again, MFA and the level of security can be scaled up or down depending on the device, type of information, or nature of the access desired or required by an organization.
If you have any questions regarding Multi-factor Authentication, please contact your UniVista Account Rep or email [email protected]
Look for our upcoming Blog on Multi-factor Authentication and how it works in MS 365.