CLOSE

Ask an Expert

Login

CONTACT US




    Multi-Factor Authentication

    BY: BOBBI LENTZ

    Passwords are undeniably a time-tested and imperfect way for authenticating if used correctly. Passwords, alone, are not necessarily the best in these modern times. We are humans and we try to keep things simple and easy for ourselves which leads to potentially weak passwords that we rarely change unless forced to or that we re-use for multiple applications or websites. One enhancement to password authentication is Multi-Factor Authentication (MFA), also called Two-Factor Authentication (2FA).

    Most of us, like Amazon and Verizon, are already using MFA. Most likely your bank is already using it as well. So, what is it and why is it important?

    MFA means you need to provide at least two different pieces of evidence to access an account. These can be:

    • Something You Know: password or PIN
    • Something You Have: smart card, security token, SMS text to mobile phone
    • Something You Are: commonly referred to as a biometric which might be a fingerprint, facial recognition or retina pattern

    Amazon uses the Something You Know plus Something You Have. First, you authenticate with your password and then Amazon sends a One Time Password (OTP) by text to the phone registered in the account. You enter this OTP and then you are signed into your Amazon account.

    By contrast, some banks require a password to authenticate and a PIN to fully access the account. This is not MFA. Both password and PIN are Something You Know which is one type of evidence, not two. This seems like MFA since you entered two things but the idea of MFA is that the evidence needs to be of two different types. This bank does also offer MFA to account holders. Once signed up for MFA, logging in requires a password, PIN and OTP text. The PIN is actually used to identify the device from which you are logging in. Select the choice that this is a computer you trust and the bank saves a cookie and does not require the PIN in future logons by the same account from that device.

    Many websites are now offering (and sometimes requiring) account holders to establish MFA for their accounts. MFA does not mean you can be relaxed about the complexity of passwords. Always create strong passwords or passphrases as one level of protection. MFA, though not perfect, offers that extra level of protection against hackers. If hackers need to gain multiple pieces of information from someone instead of just one, it typically deters them. Hackers generally don’t compromise MFA-protected accounts. It is your personal and private information, protect it.

    Agilists, Assemble!

    Hardware and Software: Why Both Need to be Secured in the Cloud

    5 Best Practices for Federal IT Modernization

    A Road Map for Federal Agencies Adopting Cloud-based Applications

    Ineffective Communication in Project Management

    Finding the Best Platform for Each Job at Your Modern Federal Agency

    Simplifying Edge Infrastructure Security And Management

    Myths Impacting IT Modernization In Federal Government

    Enabling “Edge to Cloud” in Modern Federal IT

    SPARC Server Migration: Here’s All You Need To Know

    Best Practices in Moving, Storing, and Processing Data – From Edge to Cloud

    Specialized Data Center: Design and Manage Government Data Centers with Security in Mind

    Project Management Challenges in Government

    Cloud Readiness Assessment:
    Are You Thinking About Moving to the Cloud?
    Are You Ready to Move to the Cloud?

    Cloud Computing: The Future of Government IT Innovation