Multi-Factor Authentication (MFA) Tips

Multi-Factor Authentication (MFA) is a login control where a website or system asks you for two or more different kinds of proof that you are who you claim to be before it lets you in. The three categories of factors that systems usually choose from are:

  1. Something you know (e.g. password)
  2. Something you have (e.g. a smartphone running an authenticator app, or a hardware token such as an RSA SecurID)
  3. Something you are (e.g. biometrics, like Apple Face ID or a fingerprint scan)

MFA is one of the highest-value security controls available: it is cheap and simple to turn on, yet it blocks the most common attacks on passwords. An attacker who guesses your password by brute force, or who reuses a password of yours that leaked from another site's breach (credential stuffing), still cannot log in without the second factor.

Two tips about MFA:

  1. Use an MFA application when you can, instead of text messages, because of the threat of a SIM swap attack. In a SIM swap, someone calls your mobile carrier, pretends to be you, and gets a replacement SIM card, which moves your phone number to a device they control. From then on your SMS codes are delivered to the attacker, who can use them to log into systems like your bank account. SMS-based MFA is still far better than a password alone, so if it is the only option a site offers, turn it on.
  2. Consider using Authy instead of Google Authenticator. Authy works anywhere a website offers Google Authenticator (both apps generate the same standard time-based one-time codes from the secret in the enrollment QR code), it is free, and it offers a few advantages: (1) you can install Authy, with your MFA tokens, on more than one device; (2) you can back up your tokens in the cloud, in case you lose your phone; and (3) you can disable adding further devices to your account from within the app. For example, if you have Authy on your phone and your tablet, you can lock the account against new devices. If you then lose your phone, you buy a new one, temporarily allow new devices from the Authy app on your tablet, add the new phone, and then block new devices again, so you stay secure while keeping things convenient. Two caveats: a cloud backup of your tokens is only as safe as the password and account that protect it, so choose a strong, unique backup password; and keep the multi-device lock enabled except for the few minutes you actually need it, because anyone who can add a device to your Authy account gets copies of all your codes.
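
The reason Authy can be used wherever a site offers Google Authenticator is that both implement the same open standard, TOTP (RFC 6238, built on HOTP from RFC 4226): the QR code you scan at enrollment carries a base32 secret, and every app derives the same six-digit code from that secret and the current time. The following is an added example written for this page, not code from the post or from either app. It parses a constructed enrollment URI (the RFC 6238 test-vector key, with placeholder account names), generates codes, and shows the server-side check a practitioner would want: a small drift window, constant-time comparison, and replay rejection.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import parse_qs, urlparse

# Constructed enrollment URI in the otpauth:// key-URI format that authenticator
# apps read from the QR code. The secret is the RFC 6238 test-vector key
# ("12345678901234567890") base32-encoded; "Example" and "alice" are placeholders.
DEMO_URI = ("otpauth://totp/Example:alice@example.com"
            "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example&digits=6&period=30")

HASHES = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def parse_otpauth(uri: str) -> dict:
    """Extract the parameters any TOTP app needs from an enrollment URI."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not a TOTP enrollment URI")
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    b32 = q["secret"].upper().replace(" ", "")
    b32 += "=" * (-len(b32) % 8)  # restore base32 padding that some issuers omit
    return {
        "secret": base64.b32decode(b32),
        "digits": int(q.get("digits", 6)),
        "period": int(q.get("period", 30)),
        "algorithm": q.get("algorithm", "SHA1").upper(),
    }


def hotp(secret: bytes, counter: int, digits: int = 6, algorithm: str = "SHA1") -> str:
    """RFC 4226 HOTP: HMAC over the big-endian counter, dynamic truncation, mod 10^digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), HASHES[algorithm]).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def totp(secret: bytes, at: int, period: int = 30, digits: int = 6,
         algorithm: str = "SHA1") -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at // period, digits, algorithm)


def verify_totp(secret: bytes, code: str, at: int, period: int = 30, digits: int = 6,
                algorithm: str = "SHA1", window: int = 1, last_counter=None):
    """Server-side check: accept +/- `window` steps of clock drift, compare in
    constant time, and refuse any counter at or below the last one accepted so a
    captured code cannot be replayed. Returns the matched counter, or None."""
    if not (code.isdigit() and len(code) == digits):
        return None
    now = at // period
    for counter in range(now - window, now + window + 1):
        if last_counter is not None and counter <= last_counter:
            continue  # already used: replay
        if hmac.compare_digest(hotp(secret, counter, digits, algorithm), code):
            return counter
    return None


if __name__ == "__main__":
    p = parse_otpauth(DEMO_URI)
    print("code right now:", totp(p["secret"], int(time.time()),
                                  p["period"], p["digits"], p["algorithm"]))
```

Because the secret is all that the server and the app share, copying that secret to a second device (which is what Authy's multi-device feature and cloud backup do) yields a second device that produces identical codes; that is both the convenience and the reason to lock the account against new devices.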
