Multiple layers of security at login make it harder for hackers to get into your data, which is why multi-factor authentication is an important tool to implement on your devices, alongside awareness training in your everyday work.
What is multi-factor authentication?
As the name suggests, multi-factor authentication is a login that must pass through multiple layers of security in order to be authenticated. There are both two-factor authentication (2FA) and multi-factor authentication (MFA).
Multi-factor authentication must identify the user and verify that it is the user who is logging into a site, and not someone impersonating the user. So it's an extra layer of security for your devices, making it harder for hackers to get to your personal data.
Multi-factor authentication therefore has more layers of security than single-factor authentication (SFA), which has only one layer of security, for example a PIN or password. In these cases, it doesn't take long for a hacker to figure out what your password is - they use high-tech machines to crack the code in a few hours if it's a typical password. This is why it is also essential to create passwords that are hard for a hacker's computers to break.
Multi-factor authentication is typically divided into three different types of authentication:
- Knowledge: what you know.
- Inherence: what you have.
- Material verification: what you are.
The three types of authentication add an extra layer to your security, and are something only you can be verified by.
The three types of authentication
The first type of authentication we examine is knowledge. This is knowledge-based authentication, which will typically be questions or codes that only you know. Examples of these are security questions, secure codes and PINs. PIN is an abbreviation for personal identification number, which is therefore a personal code belonging to you.
The next type of authentication is inherence. This type of authentication requires you to be in physical possession of a specific type of authentication. This could for instance be your phone where you are sent a code to authenticate yourself.
The last type of authentication is material verification. This is biometric data that verifies your identity. Biometric data is for example your fingerprint, facial recognition or voice recognition. It is something that belongs only to you and cannot be easily falsified.
The difference between 2FA and MFA
Both forms of authentication are multi-factor authentication. However, they differ in the number of authentication methods: two-factor authentication only needs one external authentication, whereas multi-factor authentication needs several authentication methods.
Two-factor authentication is the type of authentication most people are familiar with. When it was integrated, it was typically an SMS code you received and had to enter at the site you wanted to access. However, hackers soon figured out how to easily hack through two-factor authentication, which is how multi-factor authentication came about.
MFA is therefore a heightened security measure that makes it harder for hackers to break through codes and thus through to your personal data. There are several security steps to go through, but these may also lead to more users not using MFA because it is too demanding.
Therefore, 2FA should always be the minimum requirement for a company's security standard, as this form of authentication is easier to manage.
Multi-factor authentication should act as a deterrent to hacker attacks
There are several different types of hacker attacks, where the hacker either infiltrates the security layers or sits between the communicating parties.
An example is a brute-force attack, where the hacker forces access to an account by guessing the passwords or codes for a user's accounts. In this case, computers generate millions of different variations of codes until they get it right. Passwords that consist of complete sentences are more difficult for computers to guess than passwords that only look "difficult", such as a password consisting of three letters, two numbers, and three letters (for example abc12def).
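To put numbers on the comparison above, the following added example (not part of the original article) counts how many guesses a brute-force search needs for a password shaped like abc12def versus a multi-word passphrase. It assumes the attacker knows the character class at each position, that passphrase words are picked at random from a 7,776-word list, and an offline guess rate of 10 billion per second; all three figures are assumptions, and a natural-language sentence chosen by a person is weaker than random words.

```python
import math
import string

# Assumption (not from the article): offline attacker rate in guesses/second.
GUESSES_PER_SECOND = 10_000_000_000
# Assumption: words are chosen at random from a list of this size.
WORDLIST_SIZE = 7776


def mask_keyspace(password):
    """Candidates to try when the class of each position is known
    (lowercase, uppercase, digit, or symbol/space)."""
    total = 1
    for ch in password:
        if ch in string.ascii_lowercase or ch in string.ascii_uppercase:
            total *= 26
        elif ch in string.digits:
            total *= 10
        else:
            total *= len(string.punctuation) + 1  # punctuation plus space
    return total


def passphrase_keyspace(word_count, wordlist_size=WORDLIST_SIZE):
    """Candidates to try for word_count randomly chosen words."""
    return wordlist_size ** word_count


def bits(keyspace):
    """Keyspace expressed as bits of entropy."""
    return math.log2(keyspace)


def worst_case_seconds(keyspace, rate=GUESSES_PER_SECOND):
    """Time to exhaust the whole keyspace at the assumed rate."""
    return keyspace / rate


def compare(password, word_count):
    """Side-by-side figures for a short password and a passphrase."""
    rows = {}
    for label, space in (("password", mask_keyspace(password)),
                         ("passphrase", passphrase_keyspace(word_count))):
        rows[label] = {"keyspace": space,
                       "bits": round(bits(space), 1),
                       "seconds": worst_case_seconds(space)}
    return rows


if __name__ == "__main__":
    for label, row in compare("abc12def", 4).items():
        print(label, row)
```
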
If a hacker has already infiltrated your software by phishing, they can use the keylogging technique. Using this type of hacking, they can see a user's movements on the keyboard - that is, which letters are used frequently and in what order the letters are typed.
Next are man-in-the-middle attacks, where an attacker can sit and observe your online movements. The hacker sits between you and the internet server you're on - whether you're emailing a colleague or logging into your online bank, the hacker will be able to see what's going on between you and the other party.
Why password managers are essential for good cyber security
As mentioned, there are the typical authentication methods you encounter, such as fingerprints, SMS codes or codes in emails. However, the downside of the latter is that you can access these codes at any time and can use them at any time - unless you are quick and use them immediately.
That's why password managers are ideal for keeping track of your codes. They also generate unique codes for your various websites that require a login. One of the benefits of a password manager is that it keeps track of codes, making it almost impossible for hackers to guess your codes for various websites. A new code for the website is created every time you log in - so the time the hacker has to break through your security net is minimal.
Password managers are available for almost every device, so you can safely go online - without worrying that a hacker is watching or trying to force their way into your accounts.
Caroline is a copywriter here at Moxso beside her education. She is doing her Master's in English and specializes in translation and the psychology of language. Both fields deal with communication between people and how to create a common understanding - these elements are incorporated into the copywriting work she does here at Moxso.