Multi-Factor Authentication (MFA)
Over the past few years, the challenge of managing passwords has grown more complex and critical. High-profile data breaches have exposed countless passwords, and individuals now manage more accounts than ever. The result? Maintaining strong password hygiene is both harder and more important. Fortunately, multi-factor authentication (MFA) can help.
What is Multi-Factor Authentication?
Multi-factor authentication — sometimes referred to as two-factor authentication or simply “MFA” — requires users to complete multiple steps to gain access to an account or system. Typically, the first “factor” is a username and password. With MFA, users must also provide a secondary method to confirm their identity.
- The second factor can include a range of options. Some sites use images or personal information (such as a mother’s maiden name or a childhood pet’s name). However, secret questions are generally weak options, as answers are often guessable or easily researched.
- The most secure second-factor methods use technology: a secure, independent device (such as a smartphone app) that is easy to use and follows best practices for security and encryption.
- Many cloud-based platforms now offer MFA with free, user-friendly smartphone apps like Google Authenticator or Microsoft Authenticator.
Why Use Multi-Factor Authentication?
When properly implemented, multi-factor authentication dramatically strengthens security. If a user’s password is compromised—even if many users’ passwords are breached—having a second authentication factor in place makes it substantially harder for attackers to gain unauthorized access.
- Most organizations already require strong, complex passwords, but policies alone are not enough.
- Users often re-use passwords across systems, so a password breach at one site can quickly turn into an enterprise-level incident if MFA is not enabled.
Multi-factor authentication should be the standard for systems containing confidential information or sensitive data.
