Cybersecurity Newsletter
SEPTEMBER 2021

Multi-Factor Authentication

The importance of enhanced security


Computers and smart devices are now accessible enough that many of us have several: smartphones, laptops, tablets and microdevices. Both professional activity, with or without telework, and personal life require portability. This, along with the tendency to move corporate servers to the cloud, makes secure user authentication even more urgent, and more complicated. Which brings us to multi-factor authentication: what it is and how it's achieved.

What is it and what's its importance?

The goal of multi-factor authentication is to create a layered defence of two or more independent credentials: what you know (password), what you own (security token), and what you are (biometric verification). Requiring multiple factors to authenticate a user makes it more difficult for an unauthorized person to gain access to computers, mobile devices, physical locations, networks, or databases; each successive layer should help protect where other layers could be weak.


How does it work?

There are three credential categories: something you know, something you have, or something you are. To gain access, your credentials must come from at least two different categories. One of the most common methods starts with logging in using your username and password. A unique code is then generated and sent to your phone or email, and you must enter it within the stipulated time frame. This unique code is the second factor.
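The server side of the flow just described, as an added example that is not part of the original newsletter. The class name, the 6-digit code length, the 5-minute time frame and the limit of 5 wrong guesses are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # assumed "stipulated time frame"
MAX_ATTEMPTS = 5        # assumed cap on guesses per issued code


class SecondFactor:
    """In-memory store of pending one-time codes (hypothetical helper)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._key = secrets.token_bytes(32)  # per-process MAC key
        self._pending = {}  # username -> [mac, expires_at, attempts_left]

    def _mac(self, code):
        # Keep a keyed digest so the plaintext code is not stored.
        return hmac.new(self._key, code.encode(), "sha256").digest()

    def issue(self, username):
        """Call only after the password check passed; returns the code to send."""
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.random()
        expires_at = self._clock() + CODE_TTL_SECONDS
        # Issuing again replaces any earlier code for this user.
        self._pending[username] = [self._mac(code), expires_at, MAX_ATTEMPTS]
        return code

    def verify(self, username, submitted):
        """True only for the right code, in time, within the guess limit, once."""
        entry = self._pending.get(username)
        if entry is None:
            return False
        mac, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[username]  # expired or locked out
            return False
        entry[2] -= 1  # count the guess before comparing
        if hmac.compare_digest(self._mac(submitted), mac):  # constant-time
            del self._pending[username]  # single use
            return True
        return False
```

The expiry, the guess limit and the single-use deletion are what keep a short numeric code from being guessed or replayed.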

Here are some examples in each category:


Something the user knows:

- Password / secret phrase
- PIN number

Something the user has:

- Security token or application
- Verification text, call, email
- SmartCard

Something that the user is:

- Fingerprint
- Facial recognition
- Voice recognition

What are the advantages?

If it were possible to develop a single authentication method that was 100% accurate and could not be hacked, we wouldn’t need multi-factor authentication. But passwords can be seen, heard, guessed, or circumvented; a token can be lost or stolen; and biometric recognition systems might even be deceived by an identical individual or a photograph. That's why multi-factor authentication is currently very important for account security.

The idea behind multi-factor authentication is that even if one authentication factor is weakened, for example by a stolen password or PIN, a second or third factor compensates, so that access is still granted only with appropriate authorization.


When should it be used?

Multi-factor authentication should be used to add a security layer to websites that contain sensitive information or whenever enhanced security is desirable. Multi-factor authentication makes it more difficult for unauthorized people to sign in as the account holder.


What can it prevent?

Multifactor Authentication (MFA) can help prevent some of the most common and successful types of cyberattacks, including:


- Phishing
- Spear phishing
- Keyloggers
- Credential stuffing
- Brute force and reverse brute force attacks
- Man-in-the-middle (MITM) attacks

Recommendation

MFA is considered the "gold standard" of account security, but it is not perfect. As usual, the human factor must be taken into account. For example, if you are the victim of a phishing attack, are directed to a page you didn't realize was fake, and enter your username and password there, nothing stops the phisher from immediately using that information on the real account. The real account will then request your second form of authentication, and if you respond you will have given the phisher access to your account. That's why it's very important to be aware of phishing attacks and other forms of social engineering.


Conclusion

When done correctly, MFA is one of the simplest and least expensive forms of security a company can implement. Given the rampant cybersecurity risks in today's digital landscape, there is no reason why businesses and individuals should not take advantage of this solution. If you invest in the most up-to-date tools, in training your personnel, and in a multi-layered security infrastructure, you will go a long way towards protecting your information.

