Multi-Factor Authentication (MFA) – how important is it?
Multi-Factor Authentication (MFA) is an extra authentication layer introduced to add additional security to protect your online accounts.
2-Factor Authentication (2FA) is another name for Multi-Factor Authentication (MFA).
Account Security, whether for Office 365, a CRM solution or Hosted Desktop is incredibly important to protect the data you hold. This is even more important with the introduction of GDPR.
Password complexity is a requirement most users have come across before, generally requiring the use of:
- Upper Case Characters
- Lower Case Characters
- Special Characters
- Minimum length
A complex password and the use of different passwords across different logins is highly recommended.
What happens if my password is leaked?
Should the password you use for a site be leaked following a data breach from the provider or platform you are using, it is likely to only be a matter of time before your account is accessed.
You can check whether your email address has appeared on known breached databases through this site
Why would someone want to access my account?
Ultimately it is all financially driven. The criminals generally want to access your accounts in order to try and scam people into paying them money.
The targeting of email accounts is a good example and very common. With access gained either through a leaked password or a phishing email, attempts are likely to include trying to scam invoice payers into paying money owed into the criminal’s bank account instead of yours and the intercepting or redirecting of finance related emails.
This type of activity is a common risk across all accounts.
How can Multi-Factor Authentication (MFA) help?
MFA adds a second layer of account login authorisation through a mobile app approval / code or a text message code.
Similar to online banking where you either use a PIN Entry system, text message code or mobile app to approve sign in or to make payments.
The introduction of this extra layer of security means that even if your password is leaked, the person trying to access your account will also need access to your mobile phone. The implementation of MFA increases protection against your online accounts significantly.
We recommend using MFA on every account possible. Microsoft and Google have app’s that link and allow the use of MFA across most systems, whilst ESET and DUO Security also offer solutions that can also be deployed to protect account logins for systems such as hosted desktops and hosted apps through Remote Desktop Gateway services or RDP.
Unfortunately the days of just relying on a complex password are gone! Password complexity is still important, however when combined with MFA the protection levels are significantly increased.
Please get in touch if you have any enquiries or need advice on securing your accounts.