Multi-Factor Authentication

Multi-Factor Authentication. What is it, and why do I need it.

MFA. It is a term you will have heard. The IT industry loves acronyms, so you’ll find MFA plastered all over news articles, blog posts, and maybe in an email you would have received from us. As your IT Partner we take your security very serious, and MFA is part of this. But what is it?

Simply put, MFA is another way to let a system know you are who you say you are. You’ll have a password, sure. But what if a bad guy knows your password, by guessing it, or by stealing it? With your login ID, which is often easy to find, and your password, suddenly all your email, documents, photo’s of your family, financial information and browsing history becomes available to use.  And passwords are only as safe as they are secure. Most people hold well over 50 passwords, so many will duplicate passwords across systems and, sometimes very unsafe websites. A password manager can help, and please reach out to us if you need one, but even then you’re still vulnerable.

Multi-factor verification is more secure than just a password because it relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you is typically a phone. The way it works is that after you log in with your password, the system will ask you to verify who you are by sending a text message to your phone, give you a code in an “authenticator app” on your phone or have you confirm on the phone that all is good and access can be given. Two-factor verification can help to stop malicious hackers from pretending to be you, because even if they have your password, odds are that they don’t have your device, too.

MFA is a little bit of extra effort. You’ll need to create a credential up front and need to enter it when you want access. We can sometimes make it a little easier, for example by limiting the number of times you need to authenticate when you’re in your company’s internal network or give you an “app password” that can make it easier. But in all situations having two forms of authentication is better than having one.  Safety is no longer guaranteed in business, or even your personal environment (you really should use MFA for your personal email and documents as well). If you’re not protected, the question isn’t whether you’re going to be compromised, but when. And how much it is going to cost you or your business.

ABT have performed MFA projects for dozens of our clients, enabling security for thousands of our users. If we haven’t yet reached out to you to enable MFA on your company’s data, we will. If you would like more information, or would like us to engage with you to increase your security even more, please reach out to sales@abtechnologies.com.au

Share this post