The cyber threat landscape has evolved, and it is more difficult than ever for businesses to protect their data. Passwords alone are no longer enough to secure your computer systems. Stolen and weak passwords are involved in a majority of cyberattacks, and hackers seem to always be developing new ways to steal credentials. The best thing you can do to strengthen your login security is to enable multi-factor authentication.
What is Multi-Factor Authentication?
MFA requires that a user provide two or more forms of authentication when logging into the system. Think of it like needing multiple forms of ID when applying for a license. These forms of authentication can include:
- Something you know: a code, password, or PIN.
- Something you have: a key fob, access card, or digital token.
- Something you are: fingerprints, facial recognition, and other biometrics.
With the wide variety of options available, you can craft an MFA policy to fit your specific security needs, but the most common form of MFA is the combination of a login password and a digital token. This digital token can be in the form of an authenticator app on the user's cell phone, or a code sent by text message. This confirms that the user knows the password and is in possession of a physical object that confirms their identity.
According to Microsoft, 99.9% of compromised accounts in 2020 did not use multi-factor authentication, and MFA was also absent in 74% of ransomware response engagements in 2022. MFA isn’t a silver bullet that will solve all your cybersecurity needs, but adopting it is an important first step toward developing a more mature cybersecurity posture. Here are some reasons you should enable MFA on your systems today:
Identity and Password Theft
User data, logins, and passwords are stolen from companies and websites around the world every day, and your employees could be among the victims. If hackers gain access to a user’s data from another company or website, they can use it to try to break into your system. This is especially problematic when someone reuses passwords across multiple accounts.
MFA can also protect against social engineering attacks like phishing. Phishing is one of the most common forms of cyberattack, where fraudulent emails or websites try to trick targets into divulging their login information. Multi-factor authentication helps protect your system even if passwords are compromised.
A study last year found that “password” was the most common password around the world, followed by “123456.” Weak passwords like these are the first to be tried and can be cracked in seconds. In response, we’ve seen the introduction of password requirements (e.g., numbers, capital and lowercase letters, and special characters) and password change policies. Multi-factor authentication can help compensate for weak passwords and take some of the weight off the more onerous password requirements.
Business Email Compromise (BEC)
The FBI says Business Email Compromise is one of the most financially damaging online crimes. As companies get better at securing their computer infrastructure, we could see hackers pivot even more toward targeting email systems. So much critical business is carried out via email that it is easy to imagine how much damage a hacker can do with a compromised email account. MFA for email helps mitigate the risks of BEC and is recommended by the FBI.