Multi-Factor Authentication - What is it?
Multi-Factor Authentication (MFA) is a security tool that has become increasingly popular in modern times. MFA as a concept, is based on the entire premise of having 2 or more seperate methods which are both needed to login to the platform.
You will have come across this with Google, Microsoft and other websites which require SMS or email verification.
History of Multi-Factor Authentication
MFA has surged into popularity in the last 5 years, however the concept was first used in the 90s.
Up until recently, 2 Factor Authentication (or 2 step verification) was the preferred term. 2 Factor Authentication was very rare back then due to inconvenience - and security demands didn't call for it either. If it was used, it was used as a one time verification method - not for every login.
As time went past into the late 2000s and 2010s, mobile phones became more popular- and as such an easy method for 2FA to come to fruition!
2FA began with email and phone verification - where One Time Passwords (OTP) would be sent, and you would verify your login with this temporary code. While it was being used, it was not common place until the late 2010s.
Partly, this was due to an increase in cyber attacks, and subsequently a campaign run by the US government. During this time frame, an attack on Sony occured - leaking thousands of user information.
This led to many people all across the world adopting these measures. Before long, biometric scanners were added to mobile devices. These allowed for users to complete MFA without all the extra hassle.
Three Cornerstones of MFA
Multi-Factor Authentication uses 3 factors to verify who you are. These are:
Something you know
The first step for security was something you know. The best and most famous examples of this is your username and password. Most user accounts require you to sign in with your username/email/phone number and then your password before any other verification methods.
Something you have
Next, is something you have. This relates to ownership of something. Typically this relates to a mobile device or a device known as a security key. One-Time-Passwords(OTP) are included in this as they are stored on a physical device - something you have.
Something you are
Something you are relates to biometrics - facial, fingerprint and retina scanners. In combination with other methods, this almost guarantees that it is you signing in.
Where would Multi Factor Authentication be used?
Nowadays, MFA is used everywhere. Almost all user accounts offer an option for 2 Factor Authentication at least. An option we provide is for your Microsoft 365 account to have MFA enabled. This uses an app called 'Microsoft Authenticator' to act as a One Time Password (6 digit code that refreshes every 30 seconds) or use biometrics to verify your login.
By using the biometrics, you would verify all 3 key concepts of MFA: something you know - your username and password, something you have - your phone, something you are - your fingerprint. This makes logging into your Microsoft 365 account very secure!
At home, you may see MFA with your google account. This works often with the YouTube app on your mobile. When signing into your google account for the first time on a new device, it will often ask for your fingerprint on your mobile. This works the same as Microsoft's in this manner - matching all three key concepts of MFA!
Checkout this article for information on Cyber Security!
Methods of Multi Factor Authentication
Username and Passwords
Passwords as an idea have been around since the Romans, and have been in heavy use in computing since 1961. They are still the most common authentication method and are present in almost all login systems. The combination of both the username and password is secure in its own right - however it is still a massive risk.
Google Authenticator
Google Authenticator is an app used to produce One-Time-Passwords. Effectively, every 30 seconds, a new OTP is generated which you can use to login to the designated website.
The UI is quite basic but it shows you everything you need to know. The clock on the right side shows how long is left for the code. Each code lasts for 30 seconds.
The app is linked to your Google Account, ensuring you have access to it if you switch devices - this makes it a user favourite as it is easy to use and mixes with the Google infrastructure.
Download for Apple
Download for Android
Microsoft Authenticator
Microsoft Authenticator works very similar to Google Authenticator. You can use it for to generate One-Time-Passwords like with Google, however it also has a specific use for MFA on Microsoft accounts.
If you are looking to setup Multi Factor Authentication for your Microsoft domain - this is something we will help you with.
Download for Apple
Download for Android
Security Keys
Security Keys are more common in enterprise scenarios - however they are still something you should be aware of.
They are small USB connected devices that are used as another method of security. By inserting into your USB, they can be used to login to websites or applications after entering a security key pin.
Why would I use Multi Factor Authentication?
Outside of security, MFA may just seem to be a time waste. The truth is the opposite - Multi Factor Authentication is one of the most important measures you can implement to your infrastructure. As such, we recommend it to the highest standards.
If this article has piqued your interests, and you want to learn more about how Multi Factor Authentication can protect your business from unwanted malicious actors, send us an email using the link below, and we will be happy to help!
How do I use MFA for Microsoft?
While we can set up MFA for you, you can also set it up on your own end.
By navigating to: https://myaccount.microsoft.com/ you can then select 'Security Info'. This page allows you to add more factors of authentication, including the Microsoft authenticator, or a third party authenticator.
You may see some you don't recognise, i.e Outlook Mobile authenticator.
Microsoft sometimes adds this automatically, so you always have an additional factor for authentication which keeps your account more secure.
To add your own, select Add sign-in method.
We recommend setting up Microsoft Authenticator - the third option in this list.
Firstly, download the app from your App Store:
Progress through on your PC until you reach a QR code.
From here, start navigating on your phone - turning on notifications, and accepting their privacy policy.
You should then reach a launch page, with the option to sign in with Microsoft, Add work or school account or Scan a QR code.
Select Scan a QR code.
Use your phone to scan this QR code.
You will then get a popup on your phone, and a number on your PC.
Enter this number on your phone.
After this, MFA will be active, and you should now receive notifications when signing on a new device, where you will have to enter a number from your new device onto your phone.
This should then sign you in!
If you need help with this do not hesitate to contact us using the details below.
In the world today
Overall, Multi-Factor Authentication is one of the greatest and biggest steps forward for user security ever.
By adding these simple changes to most signins on the internet, many user accounts have been protected.
Many websites all across the internet, now support adding different factors for authentication, and hopefully this will only grow in the years to come!
Interested in how Multi Factor Authentication could help your business?
Send us an email here and we will be glad to help with any queries