The Importance Of Multi-Factor Authentication

Multi-factor authentication (MFA) is a great way to overcome the users’ resistance to maintaining strong passwords, while still ensuring adequate standards of cybersecurity.
Discover more

The Importance Of Multi-Factor Authentication

Maintaining strong and complex passwords may sound easy in theory, but in reality, most users opt for easy-to-remember passwords instead.

Multi-factor authentication (MFA) is a great way to overcome the users’ resistance to maintaining strong passwords, while still ensuring adequate standards of cybersecurity.

Though most companies now employ much stronger cybersecurity than they did ten years ago, our society is still a long way away from being impenetrable.

Some industry experts believe we’ll never be able to fully stop all breaches from occurring.

The reasons for this vary but the most logical line of thinking is that technology is evolving at a constant rate.

With each new invention, we open another window that cybercriminals can climb through.

Every new convenience we gain through technology is another potential vulnerability just waiting to be exploited.

While the application of a given cybersecurity solution here or there on an ad-hoc basis can help increase defensive capabilities, this piecemeal approach is generally insufficient.

At the core of so many cybersecurity vulnerabilities is poor password management.

YouTube video

The Unfortunate Reality Of Password Security

Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are simply not strong or complex enough.

Passwords protect email accounts, banking information, private documents, administrator rights, and more — and yet, user after user and business after business continue to make critical errors when it comes to choosing and protecting their passwords.

To be fair to users, there’s a lot to keep in mind when choosing a password:

  • Length and Complexity: Keep in mind that the easier it is for you to remember a password, the easier it’ll be for a hacker to figure it out. That’s why short and simple passwords are so common — users worry about forgetting them, so they make them too easy to remember, which presents an easy target for hackers.
  • Numbers, Case, and Symbols: Another factor in the password’s complexity is whether or not it incorporates numbers, cases, and symbols. While it may be easier to remember a password that’s all lower-case letters, it’s important to mix in numbers, capitals, and symbols in order to increase the complexity.
  • Personal Information: Many users assume that information specific to them will be more secure — the thinking, for example, is that your birthday is one of 365 possible options in a calendar year, not to mention your birth year itself. The same methodology applies to your pet’s name, your mother’s maiden name, etc. However, given the ubiquity of social media, it’s not difficult for hackers to research a target through Facebook, LinkedIn, and other sites to determine when they were born, information about their family, personal interests, etc.
  • Pattern and Sequences: Like the other common mistakes, many people use patterns as passwords in order to better remember them, but again, that makes the password really easy to guess. “abc123”, or the first row of letters on the keyboard, “qwerty”, etc., are extremely easy for hackers to guess. In the end, creating and using strong passwords can be frustrating — the more secure they are, the more difficult they are to remember. The more memorable they are, the greater threat they pose to the business.

What’s The Better Way To Approach Password Management?

MFA is a superior way to keep your data more secure — after all, it blocks 99.9% of identity-based attacks.

MFA requires the user to utilize two methods to confirm that they are the rightful account owner.

There are three categories of information that can be used in this process:

  • Something you have: Includes a mobile phone, app, or generated code
  • Something you know: A family member’s name, city of birth, pin, or phrase
  • Something you are: Includes fingerprints and facial recognition

So what are the benefits of an MFA solution?

  • Bring Your Own Device: In today’s modern business world, more and more employees prefer to do at least some of their work through their mobile devices, which can present a serious security risk. However, with an MFA solution, you can enroll new employee devices in minutes, given that there’s no need to install an endpoint agent. Convenient Flexibility: A MFA solution won’t force you to apply the same security policies to every user in the company. Instead, you are given the capability to specify policies person by person or group by group.

Why Is MFA So Popular?

If you’ve hesitated to enable MFA for your accounts because it seems too complicated or too fiddly for everyday use, you should know that the benefits greatly outweigh the perceived annoyance.

The protection that MFA adds allows you to use your passwords for a longer length of time between password resets, and in the event that your service provider is compromised and your email and password end up in an open database on the open web, you will have time to change your password before your individual account is compromised.

Microsoft Users Need To Use MFA

At a recent RSA security conference, Microsoft engineers told attendees that 99.9% of the accounts that are compromised each month don’t have an MFA solution enabled.

That’s why you need to disable legacy authentication protocols and update to one that supports MFA.

Microsoft notes that doing so has resulted in a 67% reduction in breaches.

They also provide a built-in MFA feature, called Microsoft Authenticator.

How Does A Multi-Factor Authentication Solution Work?

  • User logs into the session with primary credentials.
  • The session host validates credentials with Active Directory.
  • Then, it sends credential validation to the cloud via the login app.
  • The MFA client sends its secondary authentication to the user. User approves.
  • The MFA client sends approval back to the session host via the login app.
  • The user accesses their session very securely.

Though MFA does make it harder for the account owner to access the account, it also makes it difficult for cyber thieves to learn your password.

Their job becomes much tougher because they now need to do more than just hack your password.

They’ll need personal information about the account owner.

With so many accounts being too easy to break into, hackers are more likely to just move on instead of trying to break through the multiple-factor authentication process.

MFA Doesn’t Mean You Can Overlook Password Security

Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are not considered to be strong or complex enough – and even if they are, they aren’t updated often enough.

Case in point: 57% of people who have already been scammed in phishing attacks still haven’t changed their passwords, and 71% of accounts are protected by passwords used on multiple websites.

Even with MFA, you need to be sure your passwords are strong and complex. Here are two tips for doing so:

  • Use Complex Passwords. Don’t be one of the 23 million account holders still using “123456”. It’s common that passwords are required to include uppercase letters, lowercase letters, numbers, and special characters. Consider using a passphrase—which is when you combine multiple words into one long string of characters—instead of a password. The extra length of a passphrase makes it harder to crack. For a more secure passphrase, you’re encouraged to combine multiple unrelated words to create the phrase, for example, “goldielittlelamb3pigs.”
  • Manage Your Passwords: You don’t have to worry about remembering complex passwords so long as you manage them properly:
  • Update Your Passwords: Change your passwords on a regular basis. It’s as simple as that, like spring cleaning.
  • Use A Password Manager: A password manager generates, keeps track of, and retrieves complex and long passwords for you to protect your vital online information. It also remembers your PINS, credit card numbers, and three-digit CVV codes if you choose this option. Plus, it provides answers to security questions for you. All of this is done with strong encryption that makes it difficult for hackers to decipher.

I.T. Matters Will Help Protect Your Data

If you’re unsure about how to implement an MFA solution, don’t try to handle it all on your own.

I.T. Matters will help you evaluate your password practices and security measures as a whole to make sure you’re not taking on any unnecessary risks.

We will guide you in implementing MFA for your entire staff, ensuring your data is properly protected.