Why multi-factor authentication is an essential part of cyber security

February 17, 2020

Passwords are an essential part of staying cyber secure. But they’re not infallible.

Cyber criminals can use various methods to guess, steal, and compromise your passwords.

But multi-factor authentication can help. You can use multi-factor authentication to make it more difficult for cyber criminals to access your devices and accounts. Nowadays, most companies offer multi‑factor authentication features on their products.

 

Transcript

We keep a lot of sensitive information online.


From our phone numbers to our banking information, there’s tons of data out there we don’t want strangers to see.


A strong password or passphrase is a great step towards keeping that information safe. But it’s not the only step you can take.

Many online services offer multi-factor authentication: an extra level of security that needs multiple pieces of proof to log you in.

 

There are three types of information used to keep you secure:
Things you know, like passwords and passphrases
Things you own, like your phone
And things that are a part of you, like your fingerprints.

 

All of that might sound complicated, but no worries — multi-factor authentication is actually something you use all the time!

Take an ATM, for example:
You need your card and your PIN to take out money, right? That's something you know and something you have. And if you only have one or the other, it won’t work.

The same goes for any website with multi-factor authentication. If someone has your password but no access to, say, your smartphone, they won’t be able to get into your account.

 

Those are just two examples, but multi-factor authentication can come in many of forms.

Some common ones you might see are:
Two-step verification
Application-based authenticators
Biometrics
and Hardware based tokens.

 

So the next time a website asks you to enable multi-factor authentication, you know what to do to stay cyber safe.


Visit getcybersafe.ca for more information and advice on all things cyber security.

What is multi-factor authentication?

"a sideways view of a hamburger with multiple toppings clearly divided"Multi-factor authentication means that you need more than one authentication factor to log in to a device or an account. For example, to unlock your phone, you need to enter a passcode and scan your fingerprint. Many software vendors and other service providers offer this security feature so that you can add a layer of security to your devices and online accounts. With this feature enabled, you need to provide multiple pieces of authenticating information to access a device or an account. If cyber criminals gain access to one piece of information (e.g. your password), they still need to provide additional pieces of information to successfully gain access to your accounts.

Think of it like this: When you’re trying to log in to your online banking account, you use a password to demonstrate that you are the account owner—you’re verifying your identity. The idea is that you should be the only person who knows the password associated with that account.

The problem, of course, is that using a single factor, such as a password, to authenticate you is imperfect. A cyber criminal can steal or guess your password.

That’s when it helps to have, at least, a second authentication factor.

Multi-factor authentication is a way for software vendors and other service providers (e.g. a bank) to say, “OK, you have one piece of information that identifies you as the account owner. But can you provide two pieces of information? Three? Four?”

Multi-factor authentication is an important cyber security measure because it. Multi-factor provides an added layer of security for devices, accounts, and information.

How multi-factor authentication works

The most common form of multi-factor authentication is pairing your log in credentials, meaning your username and password, with another authentication factor. In many cases, this is 2-step verification – something like a text message sent to your phone or an email sent to your inbox. Which is better than a password alone. But what’s best is using a second authentication factor: something you have (e.g. a token, smartcard) or something you own (e.g. a biometric like a fingerprint).

On social media, for example, the chain might go like this:

  1. To gain access to your social media account, you need to enter the password
  2. To make significant changes to that account, you need to scan your fingerprint

This ensures that a cyber criminal can’t make significant changes to the account (such as changing the email address for password recovery).

How multi-factor authentication can help you

The easiest way to think of multi-factor authentication is through a real-life analogy. Imagine you have a safe at home with lots of valuable possessions inside. The safe is protected with a code, which provides one layer of security. But let’s say someone gets a hold of that code. They can use it to open the safe.

Let’s say that in addition to a code, you also needed another element to open the safe ­– a device that scanned your face or a text message that was sent to your phone. The fact that you need those additional steps to open the safe makes it more difficult for anyone else to open it.

It’s the same with multi-factor authentication. Say, for example, that you’ve turned on multi-factor authentication for a social media account. If someone guesses your password, they still can’t log in to your account. To log in, they also need to provide another piece of information to log in.

Conclusion

Multi-factor authentication is a key component of keeping yourself cyber secure. So don’t wait! Use multi-factor authentication on your key accounts now.

Date modified: