Multi-Factor Authentication

BY: BOBBI LENTZ

Passwords are undeniably a time-tested and imperfect way for authenticating if used correctly. Passwords, alone, are not necessarily the best in these modern times. We are humans and we try to keep things simple and easy for ourselves which leads to potentially weak passwords that we rarely change unless forced to or that we re-use for multiple applications or websites. One enhancement to password authentication is Multi-Factor Authentication (MFA), also called Two-Factor Authentication (2FA).

Most of us, like Amazon and Verizon, are already using MFA. Most likely your bank is already using it as well. So, what is it and why is it important?

MFA means you need to provide at least two different pieces of evidence to access an account. These can be:

Something You Know: password or PIN
Something You Have: smart card, security token, SMS text to mobile phone
Something You Are: commonly referred to as a biometric which might be a fingerprint, facial recognition or retina pattern

Amazon uses the Something You Know plus Something You Have. First, you authenticate with your password and then Amazon sends a One Time Password (OTP) by text to the phone registered in the account. You enter this OTP and then you are signed into your Amazon account.

By contrast, some banks require a password to authenticate and a PIN to fully access the account. This is not MFA. Both password and PIN are Something You Know which is one type of evidence, not two. This seems like MFA since you entered two things but the idea of MFA is that the evidence needs to be of two different types. This bank does also offer MFA to account holders. Once signed up for MFA, logging in requires a password, PIN and OTP text. The PIN is actually used to identify the device from which you are logging in. Select the choice that this is a computer you trust and the bank saves a cookie and does not require the PIN in future logons by the same account from that device.

Many websites are now offering (and sometimes requiring) account holders to establish MFA for their accounts. MFA does not mean you can be relaxed about the complexity of passwords. Always create strong passwords or passphrases as one level of protection. MFA, though not perfect, offers that extra level of protection against hackers. If hackers need to gain multiple pieces of information from someone instead of just one, it typically deters them. Hackers generally don’t compromise MFA-protected accounts. It is your personal and private information, protect it.

Lack of Management Support in Project Management

Insufficient Resources in Project Management

Hardware and Software: Why Both Need to be Secured in the Cloud

Legacy to Cloud: How to Get Started

Dynamic Systems Enabling Companies To Realize the Transformative Power of the Cloud

How to Navigate the Cloud Migration Process with Little to No Disruption

Cloud Technology: How to Find a Winning Strategy

The Evolution of Project Lifecycle Management

Ready for the Cloud? Move and Modernize Your Workloads with Dynamic Systems

What Does It Mean to Move to The Cloud

Legacy to Cloud: Who Is The Right Vendor?

CMMC: Where Does Your Company Fit In

How Defense Contractors Can Achieve CMMC Compliance

CMMC Requirements: Levels 1-5 Explained

Why Choose Dynamic Systems for Your Move from Legacy to Cloud

Migrating Legacy Apps to the Cloud: Dynamic Systems for Business Continuity

Extending Life Cycle of Mission Critical Systems with Dynamic Systems

Agilists, Assemble!

Hardware and Software: Why Both Need to be Secured in the Cloud

5 Best Practices for Federal IT Modernization

A Road Map for Federal Agencies Adopting Cloud-based Applications

Ineffective Communication in Project Management

Finding the Best Platform for Each Job at Your Modern Federal Agency

Simplifying Edge Infrastructure Security And Management

Myths Impacting IT Modernization In Federal Government

Enabling “Edge to Cloud” in Modern Federal IT

SPARC Server Migration: Here’s All You Need To Know

Best Practices in Moving, Storing, and Processing Data – From Edge to Cloud

Specialized Data Center: Design and Manage Government Data Centers with Security in Mind

Project Management Challenges in Government

Cloud Readiness Assessment:
Are You Thinking About Moving to the Cloud?
Are You Ready to Move to the Cloud?

Cloud Computing: The Future of Government IT Innovation

Welcome to Dynamic Systems

What We Do

Cloud Consulting and Migration

Consulting

Cybersecurity Consulting

Enterprise Architecture

Managed Services

Project Management

Strategic Staffing

Cloud Hosting

Cloud Migration

Cloud Readiness Assessment

Cloud Storage

Cloud Strategy

Multi-Vendor Cloud Architecture

Secure COOP/Disaster Recovery

Secure Prototype (PoC / PoV)

Test and Development

Cloud

Cloud Storage

Digital Strategy

Enterprise Compute

Infrastructure

Networking

Software

Cloud Security

Enterprise Segmentation

Identity and Access Management (IdAM)

Security Architecture

Trusted Extensions Desktop (TED)

Asset Management

Break-fix

Extended Warranty

Hardware Maintenance

Help desk

Single Source Support

Software License Renewals

Support Renewals

CONTACT US

Multi-Factor Authentication