26 May No if’s, no but’s – MFA is now a necessity!
For decades, the primary method of preventing unauthorised access to any system was long and/or complex passwords. As long as you didn’t share your password with others, write it down or store it electronically somewhere that was not safe, then you were reasonably safe from others gaining access.
Things have changed, and cyber criminals’ ability to get your password is frighteningly easy. From an innocent click on a link in an email to entering your username and password on what you think is a legitimate website, cyber criminals can manipulate you into giving them your password unwittingly.
With the vast number of systems we have to access these days, people tend to use common password to all their systems which exacerbates the problem.
We highly recommend the use of MFA (multi-factor authentication) not just on mission-critical systems with sensitive data but also your personal email address and any system you access that has MFA as an option. Cyber criminals don’t just go for big businesses, in fact they often don’t know who they’re targeting and happy to compromise any data from anyone who might have a reason to pay them a ransom to get their data back.
What is Multi-Factor Authentication (MFA)?
Multi-Factor Authentication helps add multiple layers of protection to the system(s) you access. It asks you for more than just your username and password when you log into these systems. It requires:
- Something you know (your password)
- Something you have (like your phone or a token)
- Something you are (like your fingerprint)
With almost weekly reports of hacks and breaches, multifactor authentication adds an additional layer of protection that prevents anyone besides you from gaining access to your account, even if they’ve stolen your password.
The most common method is the entry of a code often accessed from a mobile App.
For those of you who elect to use an App on your mobile to retrieve the code needed for your login, there are a few options. We would recommend an App that allows you to save your keys in the Cloud in case you ever change mobile phones and don’t want to setup MFA on all your systems again. LastPass and Microsoft Authenticator App are two common apps used for this purpose.
The Microsoft Authenticator App is ideal for use with Microsoft 365 services because it allows you to force the approval by click a button rather than having to enter the code every time. It’s just for the convenience factor but just as safe and effective.
MFA on E-Mail accounts
Ideally everyone should use MFA for email accounts. Your email address is used as a gateway to so many services and therefore used to reset passwords. This makes additional protection using MFA critical. It not only stops cyber criminals from getting to your email account, but it also stops them from accessing the various systems you use your email address to access. If you forget your password and select the option to reset, it often sends you an email to rest the password. So, if the cyber criminals get to your email, they get to everything!
Stay vigilant, and take advantage of MFA in order to protect and secure your private information on-line.