Last week, Charles talked about what MFA is. In a nutshell, MFA (multifactor authentication) is a security tool that adds an extra layer of protection to sign-in processes. If you haven’t read Charles’ blog from last week (“What is MFA?”), check it out now! So now that we know what MFA is, let’s talk about why it’s important.
We all know passwords keep our information safe, and the better the password, the safer the information (for more info, see my Keeper Password Security blogs). However, passwords can only do so much to protect your information. Even if you have extremely strong passwords and never use the same password twice (which is not the case for most people), your username and passwords can be guessed, brute-forced, hacked, or phished.
Enter MFA. This second layer of security is something that is hard to duplicate–something a hacker or criminal would have a difficult time getting around (biometrics, texts and calls to your cell phone, etc.). Say your email password is compromised. Normally this would mean that whoever had your credentials could login and access your inbox, impersonate you, steal information in your email, etc. But let’s say that you have an MFA set up that requires you to type in a code texted to your cellphone. Now that username and password that the malicious actor has is only half of what they need. Basically, MFA keeps you safe by putting a massive hurdle in the way of anyone except you trying to access your information.
Last week, Charles compared MFA to something you’ve probably seen in the movies: “You know how in movies whenever something super top-secret needs to be accessed, there are always two people, one on either side of the room, who have to put in their keys and turn them at the same time to unlock the secret room or access the launch codes? Think of MFA as a miniature, everyday version of that.” Basically, your username and password are one key. Your MFA is the second key. Without BOTH keys, your information cannot be accessed. If a hacker only has your username and password but cannot bypass your MFA, they’re only turning one of those keys, and your information is safe.
Passwords still matter. Every level of security we have matters because the information that you are protecting matters to you, your business, your employees, your customers, your patients, and ultimately your communities. MFA is so important because it gives you the final key needed to access your data, and it is the key that criminals cannot easily turn.
Now that you know the basics of MFA, next week we’ll talk about some common MFA misconceptions and set the record straight for you. See you then!