Multi-Factor authentication (MFA) means you need more than one credential to login to systems, applications, or other digital assets. It’s an integral part of the zero trust security approach that your organization may be undertaking. Stolen credentials must be fought against with every tool possible.
Back to MFA, or sometimes referred to as 2FA or Two Factor Authentication, generally requires one of the credentials to be something you know – like your username and password – and the second credential to be something that you have – such as a code sent to your smartphone.
Hackers can easily crack a password, but obtaining your phone or your token at the same time is orders of magnitude more challenging. This is why implementing MFA within your organization can be such a vital tool in securing your IT infrastructure.
In order to understand why MFA improves your security, let’s first take a step back and look at a couple of changes in the world of technology that have impacted passwords.
The Backstory on Passwords
One major change in the world of IT was the introduction of web-based applications. Suddenly, users found themselves needing a multitude of passwords to login to their various applications. Convenience is too often favored over security, and so reusing passwords for these resources became a popular habit. The problem is, if that password is compromised, all accounts using that same password become compromised as well.
Another major change was the introduction of social media. Social media has made it all too easy to find the answers to security questions that often accompany a password reset. Also, how often is your favorite furry friend the subject of your password? If you’ve ever mentioned your pet on social media, that password has become one step closer to being cracked.
Just knowing credentials is no longer a secure login procedure, and modern directories like our cloud directory make it easy and simple to start implementing multi-factor authentication in your organization.
How Multi-Factor Authentication Works
It is important to clarify that there are two types of MFA:
- Device MFA – A two-factor authentication process that grants access to your system endpoint. This method implements MFA directly at point of login to a system.
- Application MFA – A two-factor authentication process that grants access to an application like GitHub or Slack. This method implements MFA upon access to an individual app or – in the case of SSO – to a set of apps.
MFA works in roughly the same manner for both types.
First, MFA must be enabled within your account, and your device will need to be tied to an MFA app or software. Once this is done, whenever you type in your username and password associated with that account, you will also be required to enter in a token. This token is usually in the form of a random number produced by an MFA app like Google Authenticator.
Now, in order to compromise your account, the hacker will need to have your MFA device in addition to knowing your credentials. They will not be able to gain access otherwise. This is why MFA is such an asset in increasing your IT security.
Secure Identities with our Cloud Directory
If you are interested in implementing MFA in your organization, we’d love to talk with you about how our Directory-as-a-Service® leverages MFA. You can also see for yourself how we leverage password management, centralize user management, and extend visibility in heterogeneous system environments by signing up for our free account. Your first ten users are free forever.