Introduction

The MFA stands for MultiFactor Authentication (also called 2-FA or two-step verification). 

It aims at strengthening your authentication to a website, an app, a software by requiring a user to use different methods to gain access to it.

Originally, people used the couple username/password to authenticate. Since passwords might be complicated to remember, people tended to use a simple password and/or use the same for multiple websites.

Therefore, online services such as banks, social media… implemented the “two-step verification”(MFA),. After completing your username/password, you’ll have a second step to confirm who you are.

Let’s discover the three main factors involved in MFA.

The 3  main factors

    1- What I know

This could be a PIN code or a password.

It is the most commonly used mechanism of authentication but potentially the weakest one.

Check our previous article for more detailed information on how to create a strong password.

    2- What I own

This is based on something that you have physically. 

For instance, it could be a key, a smartphone, a secure USB key, etc…

    3- What I am

It is your biometrics, such as your fingerprint, the facial or voice recognition, the iris…

Compromised passwords are one of the most common ways that hackers can get at your data, your identity, or your money. 

Using multifactor authentication is one of the easiest ways to make it a lot harder for them.

However, many multi-factor authentication approaches remain vulnerable to phishing.

To recognize it, we recommend you read our previous article about recognizing phishing.

At APIS Consulting, we can help you reinforce your IT security practices and cyber security awareness. You can contact us by email: contact@apisconsulting.cn or by adding Antoine on WeChat via the QR code below if you need some trainings, cyber security audits, strengthening your IT security, and/or outsourcing your IT security.

---