How multi-factor authentication blocks 99% of account hacks
Microsoft has revealed that 300 million fraudulent attempts are made daily to access its customers’ cloud services accounts. Multi-factor authentication is the difference between your account remaining secure and being hacked.
Many of these fraudulent attempts are conducted by botnets – numerous devices linked together via the internet that are used to perform a task.
In this case, these botnets run sophisticated password-cracking programs that attempt to breach your accounts.
Suffering an account breach can be damaging – particularly if you tend to use the same password for more than one account.
A seemingly harmless breach of a now-defunct social media account you used to use could lead to criminals cracking your online banking details or your email account.
Enter Multi-Factor Authentication
Multi-factor authentication (MFA) is the answer, according to a recent Microsoft study, which found that your account is 99% less likely to be compromised if you use MFA.
We also wrote earlier this year about how MFA is the key to securing your business – and this latest endorsement from Microsoft emphasises the importance of putting in place a layered approach to your cyber security.
A layered approach means that instead of simply using a password to access your account, you are required to enter two or more additional credentials. If your password is breached, your account can still rely on further lines of defence.
So How Does Multi-Factor Authentication Work?
Multi-factor authentication is the layering of your account security by two or more methods. For maximum security, we recommend you use the three central principles of MFA – Knowledge, Possession, and Inherence.
For example, your password is the first factor. The stronger this password is, the better. We recommend using a password generator tool – this way, your password will be far more difficult to crack.
This is because passwords made by people tend to include information specific to that person.
This information could be ascertained through social engineering, including being asked subtly in conversation about family, pets, or sports teams – or even learned through your various online presences, including social media.
Unfortunately, passwords alone, regardless of their strength, are not enough to secure your accounts.
A code sent to your mobile or email address would be a second factor. The obvious advantage to using two factors is that even if your account password is compromised, a criminal still needs the authentication token that is generated automatically and sent to your mobile or email account.
Without access to both of these, your accounts cannot be breached. Botnets are typically able to brute force access to your account by ‘guessing’ thousands of passwords all at once, but without this second factor, the botnet cannot gain access to your account.
However, if a criminal already has access to your email account, two factors may not suffice. This is why we recommend using the third factor – inherence.
Your third factor of multi-factor authentication might be either fingerprint or voice recognition.
Passwords can be guessed and, whilst it is quite unlikely, so can your second factor of authentication. Your fingerprint or voice, however, is far more difficult to replicate, especially for automated bots.
With three layers of security in place – your password, your authentication token, and fingerprint or voice recognition – your business and personal accounts are immediately far more difficult to breach.
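The password-plus-code login described above, sketched as an added example (not code from Microsoft or from the original article): the server checks the password first, then a six-digit code that expires, works once, and is discarded after a few wrong guesses. The class name, the five-minute lifetime and the three-attempt limit are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300      # seconds a code stays valid (assumed value)
MAX_ATTEMPTS = 3    # wrong codes allowed before the code is discarded (assumed)

class TwoFactorLogin:  # hypothetical name, for illustration only
    def __init__(self, clock=time.time):
        self._clock = clock
        self._users = {}    # username -> (salt, password hash)
        self._pending = {}  # username -> [code, expiry time, attempts left]

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, self._hash(password, salt))

    def start_login(self, user, password):
        """First factor. Returns the code to deliver by SMS or email, or None."""
        record = self._users.get(user)
        if record is None:
            return None
        if not hmac.compare_digest(self._hash(password, record[0]), record[1]):
            return None
        code = f"{secrets.randbelow(10**6):06d}"  # unpredictable 6-digit code
        self._pending[user] = [code, self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code

    def finish_login(self, user, submitted):
        """Second factor: the code is one-time, expiring and attempt-limited."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        code, expiry, _ = entry
        if self._clock() > expiry:
            del self._pending[user]       # expired codes are useless
            return False
        if hmac.compare_digest(code.encode(), submitted.encode()):
            del self._pending[user]       # a code works only once
            return True
        entry[2] -= 1                     # count the wrong guess
        if entry[2] <= 0:
            del self._pending[user]       # too many guesses: start over
        return False
```

With three guesses against one million possible codes, an automated guesser that already holds the password has roughly a 0.0003% chance per stolen login of also passing the second step.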