Multi factor authentication (MFA) is a security feature that uses more than one method to verify a user’s identity. This can handle things like a password, PIN, and two-factor authentication (2FA). Enabling MFA adds an extra layer of security that helps protect your organization from malicious actors trying to access your accounts. The additional steps makes phishing attacks more difficult since the attackers need to both have access to your passwords and be able to impersonate you when they log in to your accounts.
The first step in MFA is giving a password/passphrase and the second step is providing that you are you by receiving the verification code to the mobile number or authentication app which linked with the password/passphrase.
Authentication apps and/or software can be used instead of a traditional login process. Examples of such apps include Google authenticator, Authy and Duo Mobile. Many of these apps can be used on mobile devices in addition to computers and other internet connected devices.
Many organizations use third-party authentication providers that support MFA as an additional level of security. For example, Google and Facebook both offer their own implementations of MFA
What MFA/2FA include
- An extra pin
- An answer to a security question
- An additional code either emailed or texted to a mobile number
- Biometric identifier e.g fingerprint or facial recognition
- A unique number generated by an ” Authenticator App”
- A secure token
Where To Enable MFA
Most accounts that hold valuable financial or personal information require the use of an MFA mechanism. These include bank accounts, email accounts, social media, online shopping accounts and online storage services. Typically, the company or organization that provides the service will require that users enable MFA to protect the accounts. However, an increasing number of websites are also requiring MFA in order to protect their users’ accounts.
So should you enable MFA? The answer is simple: if an account has any sort of value to you then you should enable MFA. It doesn’t matter whether its a bank account, email account or an online storage service – if the account has any value then it should be protected using MFA
One way to answer this question is to look at the value you hold in each of those accounts. If you lose access to one of those accounts then the loss can be significant in terms of both time and money. The longer it takes to recover access the more it will cost. And the longer you need to recover from the loss the more likely it is that something critical will get missed during that time period.
So while losing a single account may not be a big deal in itself it could be enough to trigger a recovery effort on your part that could end up costing you a lot of money.
In that context it would be well worth spending the few minutes required to setup MFA on each of the accounts in question it could save you a lot of time, money and hassle in the long un. If you don’t have any high value accounts then you probably wont need to enable MFA on your current accounts.
