All

Multi-Factor Authentication - Why could it be a lifesaver?

Multi-Factor Authentication - Why could it be a lifesaver?

Let’s be honest - Multi-Factor Authentication (MFA) can be annoying. You’re just trying to log in, minding your own business. Maybe you want to order something or check your emails - and now it wants you to check your phone, grab a code, or click some magic link before you’re allowed in.

But here’s the thing – it’s very useful and acts as a second line of defence for you. It could make the difference between a close call and someone breaking into your account.

What is MFA?

Sorry, my first paragraph might not make any sense if you don't actually know what MFA is. To put it simply, MFA just means adding a second layer of security when logging in. Instead of only using a password (which we all know can be guessed, reused, or stolen), you’re also asked to prove it’s really you in another way. A second way. A second ‘factor’.

By logging in with a password we are using something 'we know'. MFA adds an extra layer, making us provide something 'we have'.

The second factor might be a code from an app, a text to your phone, or a notification that pops up asking if it was you who just tried to sign in, or even a physical token or gadget. Whatever it is, the idea is, that even if someone has your password, they still can’t get in without having access to that second thing.

Why is it so important?

Because passwords alone are pretty terrible. Most people either reuse the same one everywhere, pick something easy to remember (also easy to guess), or never change them.

On the other hand, even when you do everything right and have good passwords (strong, long, and unique), there is still the risk of being tricked. All it takes is one phishing email, one dodgy link, and its game over. That’s where MFA steps in, its like a second lock on your front door that uses a completely unique key.

Let’s say your email password gets leaked in a data breach. Without MFA, an attacker can log straight in, change your details, reset your accounts, and lock you out before you’ve even noticed. However, if you use MFA, they can enter the correct password as many times as they like, but cannot log in to your account because they do not have the second ‘factor’. And while this is happening, depending on your choice of MFA, you might get a notification or text message to your phone saying is someone is trying to log in as you – giving you a heads up to change your password immediately!

It’s not a perfect solution, nothing is. But it has massively reduced the chances of a successful attack.

Read more