There is no doubt you’ve heard of multi-factor authentication either when signing up for a new online account or when browsing the internet--but what exactly is it and why is it so important? And why is it suddenly making headlines?
First, let’s cover what multi-factor authentication is, so you can understand the rest going forward.
According to the National Institute of Standards & Technology, “MFA, sometimes referred to as two-factor authentication or 2FA, is a security enhancement that allows you to present two pieces of evidence – your credentials – when logging in to an account. Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). Your credentials must come from two different categories to enhance security – so entering two different passwords would not be considered multi-factor.”
So, in simpler words, multi-factor authentication is a mechanism that helps keep our online accounts more secure from hackers and cyber attacks by using two or more of your credentials.
This is why it is so frightening that recent hackers have been able to bypass the security of MFA recently, especially businesses, and causing losses of $26 billion.
The FBI issued an advisory this month warning organizations of the threat of attackers and their ability to override MFA security.
"The FBI has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks," they remarked.
However, the FBI has made it very clear that despite these recent attacks, MFA is still a trusted cyber security tool and these types of attacks are incredibly rare. So rare, in fact, that they do not even have statistics on them.
"Multi-factor authentication continues to be a strong and effective security measure to protect online accounts, as long as users take precautions to ensure they do not fall victim to these attacks," the FBI concluded.
Let's stay safe out there!
- The PJ Networks Team