Authentication is the process of verifying that a user’s identity is genuine.
Multi-factor authentication (MFA) is a simple, multi-step process that adds an additional layer of security to a login process. MFA is also called two-factor authentication (2FA).
While MFA adds a step to your login process, it is a minor inconvenience that helps protect against 99.9% of automated online attacks.
Entering a unique code from your email or app is far less inconvenient than dealing with an account or systems hack. MFA plays an important role in stopping threat actors from stealing or deleting sensitive data or holding you hostage with ransomware.
From the U.S. Cybersecurity & Infrastructure Agency (CISA):
“Even if one factor (like your password) becomes compromised, unauthorized users will be unable to meet the second authentication requirement ultimately stopping them from gaining access to your accounts.”
CISA recommends using MFA for “Internet-facing systems, such as email, remote desktop, and Virtual Private Network (VPNs).”
How MFA works
The MFA process is simple:
- Step 1: Login to your account using a strong password.
- Step 2: Verify it’s really you using a random, time-sensitive number (using text, email or app).
There are several ways MFA can be set up:
- Authenticator app
- PIN (personal identification number)
- Biometric scan (face, retina, fingerprint)
There are several free MFA applications that let you access your second authorization number. We recommend these:
Watch this explainer video to learn more about MFA:
- Multi-factor authentication (U.S. Cybersecurity & Infrastructure Security Agency)