Could Multi-factor Authentication really be that good?

October 25, 2019 by
Could Multi-factor Authentication really be that good?
Lighthouse IT Solutions, Matthew Almendinger

Chances are that you have heard about the factors of making a strong password, like how the longer it is the better and how the use of upper-case and lower-case letters, numbers, and symbols protects you against brute force attacks. But what if I told you there was a way to make an account protected by β€œdrowssap” or β€œqwerty” exponentially safer than an account protected by more complex passwords like β€œTh15_1$_@_P@55w0rd”? Multi-factor authentication (MFA) to the rescue! Also known as two-factor or two-step authentication, this is one of the more secure (and quite easy to implement) methods of securing your accounts. MFA can be considered a few different things. The most common form is an algorithm that generates random temporary passwords that must be entered in addition to your standard password. It could also be push notifications from third party apps that manage these MFA communications like Duo Security. This is nice because out devices all have the capability to be only unlocked through certain means like facial recognition, voice recognition, fingerprint scanners, pin numbers, or even retinal scans. What that means for you is even if your first password is compromised you have a second method of identity verification protecting your account. We here at Lighthouse IT Solutions care about your cyber security; our series of posts and webinars espousing its benefits probably convey that just fine.

If you are thinking to yourself β€œCould MFA really be that good?”, well the latest statistic from Microsoft reports that 99.9% of automated cyber-attacks are thwarted by MFA. With a statistic like that, you cannot justify not using MFA, especially since the scary truth is that standard passwords do not matter very much anymore. Cyber-crime does not rest, and it continues to get better at stealing, but brute forcing its way through your standard passwords and getting a hold of your personal information is almost completely impeded by MFA. With an increasing number of ransomware attacks threatening to destroy people's livelihoods, you need to take measures to protect yourself or else they will threaten to destroy yours.

Hopefully by now you agree that MFA is a necessity for a secure account. Maybe you are even wondering how you get it on your own account! Well thankfully it is quite easy to enable MFA as you only need two things: an authenticator of some kind and an account that supports MFA. Authenticators come in two forms: an app on your phone such as Duo Security, Microsoft, or Google authenticator apps, or you can go for the small physical devices that provide MFA codes such as RSA SecureID. Once you have your authenticator of choice, simply go to the security settings on your account, locate and enable MFA, and it should walk you through the setup which is often simply scanning a QR code. Unfortunately, if your account does not support MFA then there is little you can do about it (aside from sending a message to the developers of the service running the account requesting the feature be added). With MFA enabled, you can sleep a bit more soundly knowing your data is that much safer. However, there are more aspects to cyber security that you should be aware of.

To that end, Lighthouse IT Solutions hosted a webinar (October 31st 2019) in which we went over the many things you should be aware of in order to help keep you safe in this digital world.

Watch It Here