Introduction to MFA
What is MFA/2FA?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack.
How does it work?
MFA works by requiring additional verification information (factors). One of the most common MFA factors that users encounter is the one-time password (OTP). OTPs are those 4-8 digit codes that you often receive via email, SMS or some sort of mobile app. With OTPs, a new code is generated periodically or each time an authentication request is submitted. The code is generated based upon a secret key that is assigned to the user when they first register for the service.
The easiest and most secure method to manage your one-time passwords is using an authenticator app. These apps are available on your mobile device and come in many flavours, often from the big tech companies such as Microsoft and Google. A common misconception is that you have to use the Microsoft Authenticator with your Microsoft accounts, and the Google Authenticator with your Google accounts. This isn't true: most authenticator apps will let you manage all your accounts in a single app.