
Multi-Factor Authentication

You may have heard the term "Two-Factor Authentication" or "Multi-Factor Authentication (MFA)." What is it?

When you sign in to your online account, the system asks you to enter a verification code from your cell phone or email. Why?

People say MFA adds a layer of protection to your authentication. How do you set it up?

 

What is MFA (Multi-factor authentication)? 

 

Four common MFA methods are email codes, authenticator apps, text and call, and security questions. An email code is a code sent to your registered email address. An authenticator app generates a code for you. Text and call sends a code to your registered cellphone. Security questions require you to answer user-defined or system-defined questions.

What is Multi-Factor Authentication (MFA)?

Multi-Factor Authentication (MFA) is the use of multiple factors (at least two factors) to confirm the identity of someone who is requesting access to an application, website, or other resource.

 

Why is MFA important?

MFA adds an extra layer of protection to your accounts. Studies show that MFA dramatically reduces the success rate of cyberattacks.

 

The Three Categories of Multi-Factor Authentication Methods

  1. Something you know—a PIN, password, or an answer to a security question
  2. Something you have—one-time passcode, token, trusted device, smart card, or badge
  3. Something you are—face, fingerprint, retinal scan, or other biometric

 

Common MFA Methods:

There are various common MFA methods. You can evaluate them by considering cost, ease of use, and compatibility with the system you use.

 

Email Codes: One of the most common MFA methods. When you attempt to log in, a code is sent to your registered email address. You enter this code on the log-in page to pass the authentication. 

     Pros: Convenient for end users

     Cons: Depends on the strength of email security

 

One-Time Passcode from Text and Call: One of the most common MFA methods. When you attempt to log in, a code is sent to your registered cellphone. You enter this code on the log-in page to pass the authentication.

     Pros: Convenient for end users

     Cons: Exposed to cellphone fraud and SIM swap fraud

 

Authentication Apps: One of the newer common MFA methods. The authentication app generates a time-limited passcode. You enter this code on the log-in page to pass the authentication.

     Pros: More difficult to defraud than an email or text passcode

     Cons: Relies on the security of the mobile device and the authenticator app

 

Security Questions: Security questions were used a lot in the past and for first-time access. The questions can be user-defined or system-defined. The answers should be known only by the user.

     Pros: Sometimes used in multifactor authentication for first-time account access, before the user has registered other types of authentication.

     Cons: Easy to guess from social media oversharing

 

Scenario of using MFA:

  • When you log in to your online bank account, you first enter your username and password. The system then sends a one-time passcode to your cell phone by text message, and you enter the passcode to complete the multifactor authentication.
  • When you log in to your online application, you first enter your username and password. The system then asks you to enter the one-time passcode from your Microsoft authentication app.

Additional Tips:

  • It's a good idea to enable MFA for all your important accounts including email, banking, and online shopping accounts. 
  • Always use a strong password. More information about strong passwords