Updated: Mar 23
The problem with traditional authentication
In an era of increased cyber-attacks, especially on organizations, multi-factor authentication should be nonnegotiable. Multi-factor authentication secures identity and is essential for strong security.
In other words: we now need your stinking badges.
Mobile Security & Multi-Factor Authentication
In 2019 alone, there were over 4 billion personal records breached. That’s a pretty staggering number.
If a user relies solely on a password or phrase for authentication, it is much less likely that their identity can be reliably verified, leading to an increased chance of security threats.
In this environment, it is important to take extra precautions to ensure protect your identity, one of the most critical pieces to the security puzzle. Moreover, Multi-Factor Authentication is a proven way to lessen these threats and to improve security. Here at LINQ, we encourage MFA use, which is always better than just a text password.
The recognition of the benefits of MFA is causing/will cause many organizations and services to begin to require its use as a standard security practice. In fact, Microsoft has decided to stray away from all basic authentication access to their Exchange Web Services (EWS).
What is MFA?
MFA, commonly known as Multi-Factor Authentication, is the use of two or more factors of “evidence” to verify your identity when signing into a device, application, service, etc.
There are three categories of factors that are generally used in the authentication process:
- Something you know
- Password/phrase
- Pattern/pin
- Security question
- Something you have
- Mobile device
- Wearable
- Hardware token
- Something you are
- Fingerprint
- Voice recognition
- Facial/retinal scan
The most common type of multi-factor authentication, SMS authentication, is one of the most well-known methods, but also one of the least secure. Due to its security flaws that allow determined hackers to have the abilities and tools to intercept and spoof SMS, many organizations have begun to implement a non-SMS authentication approach.
Common authenticators
Authenticators either send a push notification for approval or provide a randomized pin to enter for MFA. Each of the authenticators listed above are free, so choosing one or more is a simple and easy way to drastically increase security at no cost. Often choosing your authenticator will be based on if you already use that authenticator or if you want to do a “one-touch” authentication versus typing in a code.
Here at LINQ, we can help you choose/implement your authenticator(s) to set you and your company on a path for success.
If you have any questions about how to secure your user authentication with MFA or would like more information on the topic, please contact [email protected].