Beyond Passwords: The Power of Multi-Factor Authentication

What is Multi-factor (MFA) and Why It Matters

Author

The Grandkids
July 11, 2024

Newsletter Topics: Multi-factor (MFA), Two-Factor Authentication (2FA) & Why It Matters

πŸ—žοΈ In the News: You may remember the major attack on Colonial Pipeline on May 7, 2021. A hacker group disrupted operations for several days, causing gas shortages in the southeastern USA. The root cause was an employee's compromised credentials and an outdated VPN. If the company had implemented multi-factor authentication (MFA) for employee accounts, this attack might have been prevented. To learn more about this story here!

πŸ‘€ Today’s Focus: What is Multi-factor authentication (MFA)?

Multi-factor authentication (MFA) or two-factor authentication (2FA) is a security process that enables access to an account using two or more different forms of identification. The first is your username and password, and the second is most commonly a code sent to your phone or email.

There are other methods of MFA/2FA, such as authenticator apps and hardware tokens. For simplicity, we mention the most common methods for consumer applications in this newsletter. If you want to learn more about other authentication methods, check out: Types of Multi-Factor Authentication (MFA)

🚨 Why it matters? In our last newsletters, we discussed:

  • Phishing and how hackers can easily obtain your username and password.

  • Passwords and how weak passwords can be cracked in just a few seconds to minutes.

  • The Dark Web and how attackers can exploit your personal information.

Your digital security is always vulnerable to exploitation. MFA is important because even if your password is cracked or identified via phishing, there is a second layer of verification. This is especially crucial if you use the same password across multiple accounts, which we strongly recommend against.

Here's what the typical multi-factor authentication process looks like:

Example: Chase Banking Multi-Factor Authentication Process

Example: Chase One-Time Code Text

🚨 Never provide the one-time code, like the one in the example above, to anyone who contacts you. The person requesting the code is attempting to access your account.

😎 Grandkid Tip of the Day:  

  1. Enable 2FA on all your accounts where securing your data is critical, especially for financial institutions. For instructions on how to do this, search for "Multi-factor authentication" on your institution's website.

  2. Be aware of MFA and 2FA phishing texts or calls. If you receive a verification code you did not request and someone calls asking for it, do not provide it. This means someone is trying to access your account.

  3. MFA/2FA doesn't fully protect your accounts from being exploited, but it does make them harder to access by adding an extra layer of authentication.

⭐ Share a story by replying to this email! - If you or someone you know has been hacked or compromised, share your story! We are always looking to raise awareness within our community!

πŸš€ Sponsor a Newsletter! Do you want to sponsor a newsletter? Reply to this email to contact us.

Got this email forwarded? Subscribe below.