What is it? If you’ve spent time near a security web developer recently, you may have heard them utter these three words.
Do you feel as though this is some sort of secret language, and you don’t speak tech guru dialect? Not to worry, we will break down the basics in this article.
In a nutshell, multi-factor authentication is when access to a site, account, item, etc. can only be granted when that user presents two or more ways to validate that they have access to or possess knowledge pertaining to the environment they are trying to enter into.
Have you ever tried to do a password reset to get into your bank account and suddenly, they ask you for your mother’s maiden name, your childhood best friend’s name, then send you a text confirmation # (also known as a token) to enter in the box that pops up? You were just multi-factor authenticated. Sometimes these extra steps can leave users confused and frustrated (especially if the process isn’t refined to make sure it addresses the customer base) however this seemingly annoying extra few steps could mean the difference in your bank account staying protected or being drained by a fraudster. In certain cases, high security environments may even scan your fingerprint or your eye iris.
Multi-factor authentication makes it a lot harder for those trying to commit fraud to steal your identity, credit card number, or online account access. The individual or bot/cyber-attacker may be able to get into your account to perform a password reset, but what happens when the code gets sent to your phone that they don’t have? Or when they don’t know your mother’s maiden name? Chances are that they won’t be able to get in, and you can report the incident immediately. Most organizations will send you a confirmation email stating something like “Did you try to do a password reset on Tuesday at 6:05PM?” If not, please reply no to open a claim. If so, please disregard this email.”
These checks and balances are what make the world of account security turn, so make sure that you always read the notification and respond if need be. It’s important to keep in mind that these types of emails could also come from phishing sites trying to get you to click the link in the email or download its content that may contain a virus. If you are unsure about getting the notification, it’s always best to contact the organization directly before you click on anything.
Multi-factor authentication is one of the first lines of defense against fraud violators, and a pretty great defender at that. In most cases, multi-factor is used in environments that require extra protection; like your medical health care login, bank account, or computer access at your place of work. Logins of this nature tend to house sensitive information, making them a primary target for those attempting to commit fraud.
So… next time you get that authenticator text message alert after answering 3 questions about yourself and want to throw your phone out the window, take a step back, breathe deep, and enter the code correctly. You’ll be glad you did.