December 15th, 2019
According to Wikipedia, "Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is)."
So why should you be using it?
All over the news on television, website news, and social pages are all talking about numerous companies getting hacked. In 2019 alone, there have been many unprecedented attacks. According to Wikipedia (https://en.wikipedia.org/wiki/List_of_data_breaches), “the estimated average cost will be over $150 million by 2020 with the global annual cost forecast to be $2.1 trillion.”
“Multi-factor authentication has evolved as the single most effective control to insulate an organization against remote attacks and when implemented correctly, can prevent most threat actors from easily gaining an initial foothold into your organization, even if credentials become compromised.” - lbmc.com
With the authentication process requiring more than one way to verify the user, multi-form authentication is the way to go to protect your customers’ information. The following are examples of implementations of multi-factor authentication:
- Something your customer would know, such as a password
- Something your customer might have, i.e., sending a verified code to an email address, cell phone or other device or something like a security key generator (whether software or hardware) that randomly generates a key every 30 seconds
- Something that your customer is; biometrics. In other words, a device that may do an eye, face, fingerprint, or voice scan.
- Something related to the location of where your customer is. This could be an IP address or geolocation check.
- Something that your customer may do. This could be gestures, touches, or even a picture.
With data breaches becoming more commonplace, it is up to you to do your due diligence to deter hacking. One of the best ways to ensure that your data and your customer’s data on your website is safe is to implement multi-factor authentication. Don’t wait for that breach to happen. Implement multi-factor authentication today!
If you have any questions or concerns regarding this blog, feel free to contact us.