Arrow back

What is multi-factor authentication (and why do you need it)?

24 May, 2023

Online security is more important than ever - we rely on the internet for everything from banking to socialising, and with so much of our personal information online, we must protect ourselves from cyber threats.

There are dozens of positive behaviours we can adopt to protect ourselves and our organisation. One powerful tool for improving online security is multi-factor authentication (MFA). In this blog post, we'll explain MFA, why it's essential, and how to use it. Let’s get started.

What is multi-factor authentication?

Put simply, multi-factor authentication verifies your identity when you log in to an account or service.

With MFA, rather than a single password, you need to provide one or more additional authentication factors to prove that you are who you say you are. There are three main types of authentication factors:

Something you know

This is typically a password or PIN. It's something that only you should know. For example, your online banking password or your email account PIN.

Something you have

This is something physical, like a smart card or a mobile phone. It's something that you physically possess. Many services employ MFA by having your phone receive a verification code to confirm that it’s you.

Something you are

This is a biometric factor, like a fingerprint or facial recognition. It's something that is unique to you and cannot be duplicated. You might already be using biometric information to unlock your phone!

Why is multi-factor authentication important?

Single-factor authentication, such as a password, is vulnerable to hacking and cyber-attacks.

Hackers can use sophisticated (and unsophisticated!) tools and methods to uncover passwords or trick users into revealing their passwords through phishing attacks.

Once a hacker has your password, they can access your account and steal your personal information. Worse still, if you use the same passwords across multiple locations, a single breached password will give a criminal access to potentially dozens of accounts.

Multi-factor authentication adds an extra layer of security. Even if a hacker manages to steal your password, they won't be able to access your account without the second factor of authentication.

That’s enough to stop a hacker in their tracks, and can protect you against unauthorised access and data breaches.

Protect your organisation with truly effective training

Join the thousands who've discovered how Bob's Business' security and compliance awareness training reduces risk, demonstrates improvement and builds cultures.

How to use multi-factor authentication

Many online services and accounts now offer multi-factor authentication as an option. To set up MFA, you typically need to go into your account settings and enable it.

Once it's enabled, you'll be asked to provide an additional authentication factor when you log in. Some popular MFA methods include:

  • SMS codes: When you log in, you'll receive a text message with a code that you'll need to enter to complete the login process.
  • Authenticator apps: You'll install an app on your mobile phone that generates a code you must enter when you log in.
  • Smart cards: A physical card that you insert into a card reader or tap against a sensor to verify your identity.

Common misconceptions about multi-factor authentication

Despite the many benefits of multi-factor authentication, there are still some common misconceptions about it.

It's too complicated or time-consuming to use

While it's true that MFA adds an extra step to the login process, the added security is well worth it. In fact, many MFA methods are designed to be fast and easy to use.

It’s only necessary for high-security accounts like online banking

Any account that contains personal information, such as social media or email, can benefit from multi-factor authentication. It's important to prioritise strong authentication methods for all of your accounts to protect yourself and your sensitive data.

MFA eliminates the need for strong passwords

MFA is an additional layer of protection, but it's still important to use strong and unique passwords for each account. MFA and strong passwords work together to provide the best possible security.

In conclusion…

Multi-factor authentication is a powerful tool for improving online security. MFA adds an extra layer of protection against cyber threats by requiring two or more authentication factors to log in.

We recommend adding more than one form of authentication to your accounts, just in case you have a problem with your primary means of MFA. For example, if you use your phone to receive a code but then lose your phone, it will be handy to have a backup option.

While some people may be hesitant to use MFA due to misconceptions about its complexity, it's important to prioritise strong authentication methods for all of your accounts.

By using MFA, you can significantly reduce your risk of data breaches and protect your personal information.

While MFA is a valuable tool, it's not a bulletproof solution

In addition to protecting your accounts, using MFA can help protect your organisation from cyber threats.

However, it's important to note that MFA is not a complete solution on its own. Training your employees to recognise and respond to cyber threats is just as crucial.

At Bob's Business, we understand the importance of cybersecurity for all industries.

That's why we offer unique and engaging online cybersecurity training designed to empower everyone in your team to identify and respond to cyber threats, protecting your business from the 90% of breaches that occur due to human error.

Take action now to protect your business and your customers from cyber threats. Click here to discover our range of cybersecurity awareness training products and start reducing your risk today.

Back to resources

Ready to build your cybersecurity culture?

Whether you’re looking for complete culture change, phishing simulations or compliance training, we have solutions that are tailor-made to fit for your organisation.

Girl with laptop
Boy with laptop
man and woman with laptops
Global Cyber Alliance