Skip to content
Home Info & Advice

Multi Factor Authentication Made Simple

Multi factor authentication made simple

You have all heard it before:

  1. Use strong passwords
  2. Don’t reuse the same password for different services

Reality is people are people – and they don’t listen.

 

Every week we deal with clients who had a staff member share a password between their business accounts and a third party website online. The website gets hacked/broken into, password stolen and then used to break into all of the staff member’s accounts, including their business email, VPN etc.

All the policies and procedures in the world won’t stop this story repeating over and over again. The correct way to deal with this is multi factor authentication (MFA).The basics of MFA include require at least two different piece of information for a successful login:

  1. A password (something that the user knows)
  2. A code (something that the user does _not_ know)

By requiring both items, the danger of a user sharing their password is vastly reduced as the password itself doesn’t provide access..

 

Legacy MFA systems relied on keychain tokens, however today there are many alternative options. An extremely common solution that many of our clients’ use is based around smart phones.

It looks like this in practice:

Bob wants to log in remotely from outside the office:

  • Bob opens his remote connection as normal
  • Bob enters his username and password as normal
  • Bob’s smartphone beeps and his MFA app asks him to confirm that it is in fact Bob trying to log in.
  • Bob taps “confirm” on his phone
  • System logs in as normal

The extra step adds less than 5 seconds to the login process, but makes it virtually impossible that someone that has stolen Bob’s password can connect to business systems and steal data.The app is controlled by the business despite it being on Bob’s personal smart phone, allowing them to revoke access if required. And to protect Bob the app is not able to access or control any part of Bob’s phone.

The same system can of course be used with physical tokens or other methods if a phone is not available/appropriate.In today’s business world the cost is an important factor, however a modern MFA solution can be had for less than $5 a month which makes it one of the most cost effective security controls available today.Get in touch with us if you would like a demo of the system.

Facebook
Twitter
LinkedIn
  • Read more

Related Posts

Netskope Named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Service Edge.

Secure, optimized work from anywhere is already recognized as a necessity and a primary business opportunity for all IT teams. SSE successfully enables this by converging Web Proxy (SWG), ZTNA, CASB, and DLP into one, powerful, high-performing solution.

Overland Footwear Reduces Vulnerability Risks With Illumio.

Overland’s security is up against the unique challenges of a retail environment. Anyone can walk up to a point-of-sale system and try to gain access when no one’s looking, a problem that’s amplified when staff share passwords to serve customers quickly.

Mis- and disinformation are fundamental tools for hackers.

Something interesting caught my eye, and it is the intersection between misinformation, disinformation, and cyber security and the World Economic Forum’s perceived level of the threat we all face.