As cybersecurity becomes a greater priority of businesses across the UK, it is important that those businesses prioritise. One of the best ways to protect important online accounts is through multi-factor authentication.
If usernames and passwords are compromised, they won’t be enough for cyber criminals to gain access to the accounts – they will need to authenticate in another way.
With so many options for multi-factor authentication available, knowing which one to choose isn’t always easy. We’ve spoken before about why businesses need multi factor authentication, so here are our picks – see which authentication method is best for you and your business.
Multi Factor Authentication Methods
For your staff, the best authentication method will be easy to use, very secure and provide peace of mind. Here are the ins and outs of the most popular methods.
One of the default methods of MFA is the sending of a one-time password or code via text message or email. All you need is your mobile phone, or quick access to your mailbox. These codes generally expire after a certain period of time – could be 5 minutes, could be an hour. It depends.
Using a message-based system to authenticate is easy for getting up and running quickly. Additional setup is not required. Chances are you’ve already provided an email address or phone number when creating an account – so they will simply send a code to one of these.
One downside to this type of authentication is the potential for spoofing. Cybercriminals could send fake authentication requests that look genuine as a form of attack. And if your email account is compromised, they could have access to all of your online accounts by requesting password changes.
Simply put, authentication apps are great. We love them. Why? Well, we think they’re much more secure than waiting for a message. Use a reputable authentication app like Microsoft Authenticator or Google Authenticator. But how do they work?
These apps will display an authentication code that updates every 30 seconds. When you are asked to provide such a code, open the app on your phone and submit on the website. It’s as simple as that.
These apps do require a bit of setting up, compared to message-based authenticators. But it is often as easy as scanning a QR code on your phone, and your codes will be there waiting. What could be simpler?
Using Microsoft tools? Find out how to set up MFA on your Microsoft account here.
Biometric recognition is accurate. Everyone’s fingerprints and faces are unique, so systems can see exactly who is trying to access an account through biometrics. If the finger or face don’t match, access will not be granted. It’s as simple as that.
Some devices, particularly mobile devices, have biometric recognition built in. The latest iPhones have facial recognition, and older models have Touch ID for fingerprints. But if your device doesn’t have any form of biometric recognition (like many PCs), you can buy a USB fingerprint scanner for your PC to authenticate.
It’s very hard to lend somebody your face or fingerprints. Biometrics are a great, secure option for adding a second level of protection to your accounts.
Whether you prefer messages, app authenticators or biometrics, what’s most important is that you activate MFA for as many accounts as you can. It’s probably our most recommended tip for improved cybersecurity.
Want to learn more about best cybersecurity practices for businesses? Have a chat with one of our friendly security experts today.