Multifactor Authentication and Its Benefits
Recently, our team completely overhauled the way that we think about and handle our password security. Our team knew the dangers of having passwords as our only form of authentication for our various accounts. So for any app or website that supported multifactor authentication, also referred to as MFA, we enabled it.
What is MFA?
Multifactor authentication is a form of authentication that requires more than one method of authentication to log a user into an app or device or to make certain transactions. The point of multifactor authentication is that the user has to combine at least two of the following forms of authentication:
What the user knows:
- Passwords
What the user has:
- Devices like a Titan Security Key
- A phone with an authenticator app
What the user is:
- Various forms of biometric verification
- Fingerprint scanner
- Facial recognition software
Why did we decide to go the MFA route?
The problem with using only user IDs and passwords is that they need to be stored in a database. These databases are always susceptible to attacks from people with malicious intent. If any database is breached, it is only a matter of time until the attacker gets the information that they need to be able to access any login that they want. To put it in perspective, a standard 8-character password can be cracked by a computer in less than a second.
So in a theoretical scenario, an attacker gets our passwords and tries to log into one of our accounts. But unbeknownst to the attacker, they would still be missing a crucial part of our logins. That crucial part is what we have on us and what they are not able to access, such as our fingerprints and our security keys.
This is why we made the switch to using MFA: it added another layer of security that we would otherwise not have.
How can users set up MFA?
MFA support is becoming increasingly common, and enabling it is typically simple in most applications. Just look around in the settings on the device or app being used. Normally the ability to enable MFA will be in the privacy or security settings.
I will use a recent example of enabling MFA that I have done.
Not too long ago I switched phone plans and my provider had an app that I could use to pay my bills and monitor my usage. So of course, I wanted to be able to lock down that login as much as I could. I delved into my account settings and was happy to find that I could enable the use of biometrics to further lock down my account. So I will close this out with how I did it.
In my Account settings for the app, I scrolled until I found a tab labeled Privacy & Security.
Inside that tab, there was an option to enable the use of biometrics as a form of MFA.
So once I enabled the feature, I was greeted with a password prompt.
I entered my password and then was asked to confirm my fingerprint.
Once my fingerprint was confirmed, every time I log in to the app now, I am asked to use my fingerprint rather than my password.
I have also linked a video by CNBC that is about the future of passwords and MFA.