Multi factor authentication is a method of confirming a users’ identity for them to access online services. Access is granted only after the user presents two or more pieces of evidence to an authentication mechanism.
Many banks use this method to allow their customers to log in to their online banking. This is usually through a personalised code or a password, and then an additional passcode or security question. They ensure this is secure by never asking for the full password, but rather random letters/numbers within it, and never the same ones on every occasion.
Two-factor authentication is a type of multi factor authentication. This is used thousands of times every day without a second thought. How? Withdrawing cash from an ATM requires a bank card and PIN (something only the user knows). When entered correctly, this allows the transaction to be carried out.
What are the benefits of implementing this?
Whilst passwords are one of the most common security measures available, they can be the most vulnerable. They are the first security feature that hackers and cyber criminals will try to break. Anyone who gets hold of a password can access the account and take what they need.
Multi factor authentication provides a second level of security in addition to a password. By asking users to authenticate through a secondary measure, it reduces the risk of a hacker gaining access.
Types of multi-factor authentication
There are different authentication methods that can be used:
- Authentication through something you have, for example through a mobile device
- Authentication through something you are, for example biometrics like fingerprint or voice
- Authentication through something you know, for example additional password or PIN
These extra steps help to increase the security level around important data. But what about in business? Many companies still only use one method of authentication, mainly a password, to access their online services. As these can, in some cases, be easily guessed, this means the data is not as secure as it can be.
By implementing a multi factor authentication process, businesses can ensure that even if their passwords are compromised, hackers cannot access their data without that secondary authentication method.
If your business isn’t using some form of multi factor authentication, ask why? Implement a secondary level of authentication and ensure your data is secure.