MFA and why you need it
Everyone loves acronyms. Just look at all the master’s degrees out there: MAs, MATs, MBAs, MCSs, MEds, MSWs, MFAs–just to name a few! Now, MFA is something that has different meanings in various contexts: in the world of university-land, an MFA is a Masters in Fine Art; in marketing-speak, it stands for Market Feedback Analysis; in healthcare talk, MFA means Medical Financial Assistance.
In the world of cybersecurity lingo, though, MFA stands for Multi-Factor Authentication. It is also known as 2FA or Two-Factor Authentication. (It might be better known as 3FA or Third-Factor Authentication, as it affords a third layer of protection to accessing the data on your accounts.)
So, why do you need MFA? Because it protects you and your valuable data from those who shouldn’t access it; it keeps all your data safe and secure with a kind of double protection, while also giving you control over who can access your account or data and when.
Here’s how MFA works:
- You log into your account with your username and password (the first two layers of protection for your account or accounts).
- Then, MFA requires that you use another, unique form of identification to verify that it is indeed you who are logging into the account to access all that data–and not some crafty bad actor, who has stolen your username and/or password.
Just what is MFA, though?
- MFA can be a biometric login method, as a fingerprint or facial scan.
- It can also be a “push” notification that is sent to your phone or other prearranged device, from which you approve or deny the notification.
- It may also be a code that is generated by an authenticator application, which you will need to supply or input to get access to your account and its data.
But why MFA?
- You don’t have to use MFA to secure your accounts, just as you don’t have to do anything you don’t want to do–but you do have to accept the consequences of any choice you make.
- Here’s a scenario in which you do not use MFA:
- A bad actor gets access to your username and password login and easily hacks your account. Your data becomes compromised, possibly meaning that your bank account is drained or your email account becomes a breeding ground for SPAM or pretexting emails.
- Here’s a second scenario in which you do use MFA:
- A bad actor gets access to your username and password login. And that’s it. The story ends there. Why? Because when your MFA notification alerts you that someone other than you is trying to access your account, you can deny the access–and then quickly change your username/password.
- Here’s a scenario in which you do not use MFA:
- MFA affords you not only security against fraudulent logins to your accounts, like your bank account or healthcare account, it also affords you control over who gets access when.
- You can control who has access to your accounts and when by approving or denying the MFA notifications: with MFA enabled, when someone (even you) tries to log into your account, they will need the MFA notification to be approved. This allows you control over who can access your account and when.
But isn’t MFA just a big messy headache?
- With this question, you have two questions to consider:
- Do you like frustrating, long phone calls with agencies that get you nowhere, while your hacked bank account gets drained and your hacked emails end up becoming the fodder for thousands of SPAM emails?
- Or do you like to live a relatively smooth life?
- In all honesty, though, if you’re trying to share an account, MFA can be challenging–but when considering the safety and security of all the data on your accounts, like bank account and routing numbers, medical and health information, Personally Identifiable Information (PII), and the like, it is less a headache and mess to deal with MFA than with getting hacked.
“To the one who uses MFA, a relatively smooth life will be afforded.”
Yoda (should have once said)
What should I use for MFA, then?
DUO is a highly rated, well-known, and widely used application for MFA and is as low as $3 per user per month. Google Authenticator as well as the application called Authenticator are both good options that are free and that you can download from the Apple App Store or Google Play Store onto your smart phone or device.
So what the MFA now?
MFA is one tool of a whole toolbox that can help protect your data online, and a powerful one it is. It provides a double-check that you are actually you, logging into your account–and not someone else, pretending to be you. MFA is important because it provides an extra measure of security for your data and online presence, and it helps protect you from having to deal with the headache of a big messy online compromise.
So, what now? Well…go on and get MFA now!
If you need more proof, here’s a video to support what we’ve said thus far in this post:
Do you need help?
We can help! Contact us today for assistance on getting set up with MFA.