Here’s the 2nd part to the secure password considerations – MFA, multi-factor authentication.
Traditionally, access to your online bank account looks like this:
you type your
In the following, “account” is not limited to a bank account; it can be the personalized access to any webpage, web service, online store or similar.
Now, if you’re like the majority of internet users that only use 5 different passwords for all their online activities, you could unknowingly create a domino effect that allows hackers to take control of several of your accounts after cracking just one password.
In comes MFA, multi-factor authentication.
What is MFA? Most likely you’ve already used it, e.g. when using your bank card at an ATM together with your PIN number, or maybe at some webpage that sent a numeric code to your mobile phone which you then entered on the webpage to gain access.
MFA, sometimes referred to as 2-factor authentication (or 2FA), is a security enhancement that allows you to present two components – your credentials – when accessing your account.
Your credentials fall into one of these categories:
- something you know, like your password or PIN
- something you have, for example a smart card or a key, or
- something you are, like your face, fingerprint, retina or voice
For enhanced security, your credentials must come from at least 2 different categories.
Now the above example to access your online bank account would look slightly different.
With MFA enabled, after entering your username and password, you’ll use some authenticator app that will generate a one-time-code (OTC) that you then enter on the next screen before you’re logged in.
In some cases the whole process is made even simpler by your bank remembering the device you use.
So when you come back to log in again with the same mobile phone or computer, the site will remember the device and use this as the second factor.
Certainly, there’s some advanced analytics done on recognition of your device, e.g. whether you’re logging in just 20 minutes later from halfway across the globe.
MFA helps to protect you by adding another layer of security and thus making it harder for anyone to pretend to be you to log in.
Your information is safer because now a thief would need to steal both your password and your mobile phone.
And you’d probably notice if your mobile went missing and you’d report it before the thief could use it to log in. Additionally, your phone should be locked, requiring a PIN or your fingerprint to unlock it.
While stopping all online crime is not a realistic goal, a few simple steps can massively reduce the likelihood you’ll be the next victim.
You should use MFA whenever possible, especially when it comes to your most sensitive data — like your primary email, your financial accounts, and your health records.
While some organizations require you to use MFA, many offer it as an extra option that you can enable, but you must take the initiative to turn it on.
Remember to take a look at the password tips to create strong and memorable passwords.