Mahmood Menon Khan

Nov 15, 2024
Multi-factor Authentication: A Best Practice in Cybersecurity

Anyone who uses a communication device or process is likely familiar with the term "multi-factor authentication" (MFA). However, there may still be some who aren't fully aware of it. Our goal is to ensure that everyone not only knows about MFA but also learns how to use it and applies it in everyday life when necessary. It’s essential that every part of your digital presence is secure, verified, and uniquely yours.

There are several ways to implement MFA, and in this discussion, we’ll explore how to do it effectively.

The best practice is to protect your password with an additional layer of security—essentially, a password for your password! Multi-factor authentication (MFA) provides this extra protection by allowing you to set multiple verification steps, ensuring your account remains secure.

What is MFA?

MFA is about verifying that you really are the owner of an asset, whether it's a physical device, an online account, or a system. Ensuring that only you have access is key to maintaining security.

This is why multi-factor authentication is recognized as an essential cybersecurity measure. The typical process involves entering a username and password, followed by verifying your identity through an additional method. This second step could be a fingerprint, facial recognition, or responding to a text message or email.

This process does require some extra effort—you might even call it a bit of a hassle. But why go through this trouble? The answer is simple: multi-factor authentication makes it much harder for hackers to gain access to your assets, like your online accounts, even if they manage to steal your password.

Using multi-factor authentication not only protects your assets but also brings peace of mind, allowing you to rest easy. Whenever possible, enable multi-factor authentication—whether it’s for your email, social media, school account, bank account, or healthcare records. Anywhere you share personal data, ensure it's safeguarded.

How does MFA work?

Logging in is a common process, but with multi-factor authentication (MFA), it requires an extra layer of verification. First, you provide your username and password. However, even if those are correct, MFA steps in and prompts you to further verify your identity. There are several ways to do this:
• Using a smartphone for facial recognition, where you must scan your face to gain access.
• Adding an extra PIN (personal identification number) along with your password.
• Receiving a code sent to your phone or email, which you must enter within a specific time frame.
• Using a standalone app that requires you to approve each attempt to access an account.
• Adding a security question whose answer is known only to you.
• Using a secure token – a separate piece of physical hardware, like a key fob, that verifies a person’s identity with a database or system.

How Secure is MFA?

While multi-factor authentication (MFA) is a powerful tool for securing accounts, some may wonder if it’s completely hack-proof. The reality is that, like any security measure, MFA isn’t immune to attacks.

Cybercriminals can sometimes bypass MFA, particularly through techniques like “man-in-the-middle” attacks and social engineering. For example, they may call you or send an email with convincing language to trick you into giving them your one-time code or PIN. Hackers may also send repeated MFA approval requests, a tactic often called MFA fatigue, hoping you’ll eventually approve one out of confusion or frustration.

To avoid these mistakes, remember: if you’re not actively trying to log in and you receive an MFA request, it likely means someone is attempting to hack your account. Do not approve the request. Instead, take action immediately:
• Change your password as soon as possible.
• Contact the service provider to report the issue.
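
As an added illustration (not part of the original article), here is how a service provider or security team might spot the repeated-request pattern described above in its own authentication logs. The log format, the event names `push_sent`, `push_denied` and `push_approved`, the 10-minute window and the threshold of 4 prompts are all assumptions made for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 4                   # assumed prompt count that marks a burst

# Constructed sample events (timestamp, user, event); not real logs.
SAMPLE_LOG = """\
2024-11-15T09:00:05 alice push_sent
2024-11-15T09:00:20 alice push_approved
2024-11-15T22:14:02 bob push_sent
2024-11-15T22:14:31 bob push_denied
2024-11-15T22:15:10 bob push_sent
2024-11-15T22:15:48 bob push_sent
2024-11-15T22:16:30 bob push_sent
2024-11-15T22:16:41 bob push_approved
2024-11-15T23:00:00 carol push_sent
2024-11-15T23:30:00 carol push_sent
"""

def parse(log):
    """Yield (time, user, event) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2]

def detect_push_bursts(log, window=WINDOW, threshold=THRESHOLD):
    """Flag users who receive a burst of MFA prompts, and approvals that follow one."""
    recent = defaultdict(deque)  # user -> prompt times since the last approval
    alerts = []
    for ts, user, event in sorted(parse(log)):
        prompts = recent[user]
        while prompts and ts - prompts[0] > window:
            prompts.popleft()  # drop prompts older than the window
        if event == "push_sent":
            prompts.append(ts)
            if len(prompts) == threshold:
                alerts.append((user, ts.isoformat(), "prompt_burst"))
        elif event == "push_approved":
            if len(prompts) >= threshold:
                # The user gave in after repeated prompts: treat as likely compromise.
                alerts.append((user, ts.isoformat(), "approved_after_burst"))
            prompts.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect_push_bursts(SAMPLE_LOG):
        print(alert)
```

An `approved_after_burst` alert is the case that matters most: the session it created should be revoked and the password reset, which are the same steps recommended to the account owner above.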

When it comes to passwords, follow these guidelines:
• Use strong, unique passwords with a mix of numbers, symbols, and letters, and ensure they are longer than 8 characters.
• Never reuse passwords across different accounts.
• Avoid using the same password for multiple services.

Despite the potential for hacking, don’t get discouraged. Multi-factor authentication remains one of the best methods for securing your accounts, protecting your data, and safeguarding your privacy.