Multi-Factor Authentication and you


In today’s interconnected world, safeguarding your online presence is not just a priority; it’s a necessity. One of the most effective tools in your security arsenal is Multi-Factor Authentication (MFA). Let’s briefly discuss MFA, and how it can drastically reduce the chances of an account breach.

1. What is MFA?

The premise behind MFA is that an attacker should have to defeat more than one independent factor: something you know (a password or PIN), something you have (a phone, an authenticator app or a hardware key) and something you are (a fingerprint or face). In practice this means combining a traditional password with one or more additional authentication methods such as push notifications, one-time passwords, biometrics, and SMS or email codes. Because a stolen or guessed password alone is no longer enough, MFA provides a robust defence against password reuse, credentials leaked in breaches and brute-force attempts.

2. How does it work?

While there are many types of MFA, the one most commonly used is the Time-based One-Time Password (TOTP). It is a rolling six-digit code that changes every 30 seconds. The code is derived from a secret that both you and the service know in advance; the service usually shares it with you once, as a QR code that you scan into an authenticator app. When you log in, the service prompts for the current six-digit code. To calculate it, the app (and the service, independently) runs the secret together with the current time through an HMAC-based one-way function (standardised as HOTP in RFC 4226 and TOTP in RFC 6238), so the secret cannot be recovered from the codes it produces. Two things follow from this: the service must protect the stored secret as carefully as a password, and both sides need reasonably accurate clocks, which is why servers usually also accept the codes for the neighbouring 30-second steps.

3. How effective is MFA?

Microsoft reports that MFA blocks over 99.9% of automated account-compromise attacks, but it is vital to understand where it can still be bypassed. Social engineering: attackers exploit person-to-person trust to talk users into reading out or approving their MFA codes, and a real-time phishing site can simply relay a one-time code to the genuine service before it expires. Session hijacking: the cookie or token a browser holds after a successful login is stolen (for example by infostealer malware or a phishing proxy sitting between user and service) and replayed by the attacker, who never has to authenticate at all. SIM swapping: the user's mobile number is ported to a SIM card or carrier the attacker controls, so OTPs sent via SMS or voice call go to the attacker instead. Push-based MFA has its own failure mode, "MFA fatigue", where a user bombarded with prompts eventually approves one just to make them stop. Because codes, push approvals and SMS can all be phished or relayed, phishing-resistant factors such as FIDO2 security keys and passkeys, which are cryptographically bound to the genuine site, are the stronger choice where they can be deployed.

This illuminates the critical role of user education and vigilance against suspicious requests. The effectiveness of MFA isn’t just about the technology; it’s about creating a culture of awareness and resilience within your organization.

4. Additional measures

MFA is just one part of a healthy security mindset. Other very important factors include:

  • Strong passwords – the idea of MFA is having multiple methods of verifying a user. If you have a weak password, the attacker is already half-way to breaking into the account. Using a password manager and never re-using passwords means that when one site's password leaks, it cannot be tried against your other accounts.
  • Access control and least privilege – limit the damage an attacker can cause by granting user accounts only what they need. For example, a sales person probably doesn't need access to payroll data.
  • Auditing and monitoring – keep track of who is logging in from where. Logins from unexpected locations, bursts of authentication failures, and a successful login straight after such a burst are all indicators of an attack worth alerting on.
  • User education – often the weakest link in securing accounts is the user. Teach your staff how to identify phishing attempts and fake login forms, and never to give out their passwords or MFA codes.
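As an added illustration of the auditing point above (example code written for this article, not part of CHON's tooling), the following script runs three simple detections over a constructed authentication log: a burst of failures for one user inside a sliding window, a successful login shortly after such a burst, and a successful login from a country the user has never logged in from before. The log lines, user names, addresses and key=value layout are all made up for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Constructed sample log for this example (not real data). The key=value layout is an
# assumption; a real SIEM export or IdP sign-in log would need its own parser.
SAMPLE_LOG = """\
2024-03-01T09:00:01Z user=alice src=203.0.113.5 geo=AU result=OK
2024-03-01T09:05:10Z user=bob src=198.51.100.7 geo=AU result=OK
2024-03-01T09:10:00Z user=bob src=192.0.2.10 geo=RU result=FAIL
2024-03-01T09:10:05Z user=bob src=192.0.2.10 geo=RU result=FAIL
2024-03-01T09:10:09Z user=bob src=192.0.2.10 geo=RU result=FAIL
2024-03-01T09:10:14Z user=bob src=192.0.2.10 geo=RU result=FAIL
2024-03-01T09:10:20Z user=bob src=192.0.2.10 geo=RU result=FAIL
2024-03-01T09:10:31Z user=bob src=192.0.2.10 geo=RU result=OK
2024-03-01T17:30:00Z user=alice src=203.0.113.5 geo=AU result=OK
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) geo=(?P<geo>\S+) result=(?P<result>OK|FAIL)$"
)


def parse_log(text: str) -> list:
    """Turn raw lines into dicts with a timezone-aware timestamp, oldest first."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than abort the whole run
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append(e)
    return sorted(events, key=lambda e: e["ts"])


def failure_bursts(events, threshold: int = 5, window=timedelta(minutes=5)) -> list:
    """Alert once a user's FAIL count inside a sliding time window reaches `threshold`
    (password guessing or OTP guessing); one alert per burst."""
    recent = defaultdict(deque)
    alerts = []
    for e in events:
        if e["result"] != "FAIL":
            continue
        q = recent[e["user"]]
        q.append(e["ts"])
        while q and e["ts"] - q[0] > window:
            q.popleft()  # drop failures that fell out of the window
        if len(q) >= threshold:
            alerts.append({"user": e["user"], "count": len(q), "start": q[0],
                           "end": e["ts"], "src": e["src"]})
            q.clear()
    return alerts


def success_after_burst(events, bursts, grace=timedelta(minutes=10)) -> list:
    """A successful login shortly after a failure burst suggests the guessing worked."""
    hits = []
    for b in bursts:
        for e in events:
            if (e["user"] == b["user"] and e["result"] == "OK"
                    and b["end"] <= e["ts"] <= b["end"] + grace):
                hits.append({"user": e["user"], "ts": e["ts"], "src": e["src"], "geo": e["geo"]})
    return hits


def new_location_logins(events) -> list:
    """Successful login from a country not previously seen for that user."""
    seen = defaultdict(set)
    alerts = []
    for e in events:
        if e["result"] != "OK":
            continue
        if seen[e["user"]] and e["geo"] not in seen[e["user"]]:
            alerts.append((e["user"], e["geo"]))
        seen[e["user"]].add(e["geo"])
    return alerts


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    bursts = failure_bursts(evs)
    for b in bursts:
        print(f"BURST   {b['user']}: {b['count']} failures from {b['src']} "
              f"between {b['start'].time()} and {b['end'].time()}")
    for h in success_after_burst(evs, bursts):
        print(f"HIGH    {h['user']}: success from {h['src']} ({h['geo']}) right after a burst")
    for user, geo in new_location_logins(evs):
        print(f"NOTICE  {user}: first ever login from {geo}")
```

In the sample, bob's five failures in twenty seconds from a new country, followed by a success, trigger all three rules; alice's two logins from her usual location trigger none. Thresholds and the window are starting points, not tuned values: set them from your own baseline so that a user mistyping a password a couple of times does not page anyone.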

Empowering Your Organization

In conclusion, the journey towards a secure digital future begins with the implementation of MFA. Our team specializes in crafting tailored MFA solutions designed to meet your unique needs. Fortify your organization against cyber threats—contact us today to discuss how we can help you protect your business.

Get in touch with our team

Chris Humphrey Office National (CHON) is your go-to business solutions provider in the South East Victorian Region. Renowned for top-notch performance, quality, and reliability, we’re here to meet all your needs.