A password isn’t enough for modern day security – it’s time to layer up
Multi-factor authentication is a bit like having a flu jab or an annual physical – you know you should do it, and you know it’s good for you, but it’s also a time consuming faff. Besides, you didn’t catch flu last year and you feel completely healthy, so why bother?
In the same way, multi-factor authentication can seem like an unnecessary extra hurdle to jump over to get at the data you need, be that logging into your email or accessing a corporate database. A single-factor system, such as a unique password, has worked fine until now (or so it seems), so why bother gilding the lily?
The reality, however, is the same as with health: just because you didn’t get an infection previously, doesn’t mean you won’t get one this year and just because everything seems ok on the outside, doesn’t necessarily mean there isn’t a problem lurking deep inside.
Frankly put, not using multi-factor authentication can be a seriously reckless course of action.
What is multi-factor authentication?
Before getting much further, it’s worth considering what we mean by multi-factor authentication.
In short, it’s where a user must input one or more additional security details as well as their password, PIN code or similar, to gain access to whatever information or service is protected by these measures.
A common example of this is the sending of a one-time security code by text to a phone number associated with the account. Administrators can decide with what frequency this second verification step has to be completed, whether it’s for every day, every week, every month, each time a new device is used, or whichever parameters or combinations of parameters they wish.
Other examples include a number randomly generated by an external device, such as a key fob, a dedicated phone app that is used to confirm a genuine logon attempt, or a biometric scanner. The latter can be found in security systems such as Microsoft’s Windows Hello, built into Windows 10, which offers a way to strengthen authentication through fingerprint and facial recognition.
Why is multi-factor authentication important?
Passwords are the most common form of login authentication across the spectrum of technology. But they’re also incredibly fallible.
One of the main failing points of passwords is they rely on the individual remembering them, which leads to the use of weak passwords. If the password is memorable, it’s often a “dictionary password” – a real word that could be found in the dictionary or a slight modification thereof, or perhaps a person’s name – or it’s something personal to the individual such as their mother’s maiden name or the town where they grew up.
If the person’s account comes under attack from cyber criminals, both of these are easy to crack depending on the method being used. A targeted attack could use social media to find out details about the individual’s personal life, while a phishing attack could try to lure them into handing over these details. Memorable passwords, meanwhile, can be cracked by special software within seconds. Indeed, even long and complex passwords can be cracked, meaning even best practice isn’t enough anymore.
This isn’t to say that passwords are useless – they’re still the best first line of security we have for most services. But multi-factor authentication means that even if a determined and skilled attacker can get past this initial stage of defence, they will be thwarted by the request for a second, separate form of identification.
Rolling out multi-factor authentication
As with any new technical initiative, rolling out multi-factor authentication is both easy and hard.
From an administrative point of view, it will often be a case of simply adjusting security settings of any given software, app or service to require all users to set up multi-factor authentication.
From a practical standpoint, however, there will certainly be resistance from at least some staff. While there’s no way to avoid this, it can be reduced and mitigated.
To minimise resistance and ensure a smooth roll will involve a small amount of training and showing the user what and how we are installing the technology on to their Mobile phone.
Ultimately, there’s no 100% fool proof way to protect data, but multi-factor authentication bolsters defences significantly for relatively little effort or investment. And, with careful implementation, it can be relatively pain-free too.
https://youtu.be/VzZFKS8AfQU
If you want to discuss further or would like us to upgrade your security to include Multi Factor Authentication then please call us in Cork, 021 4544144.