icon

Why MFA is Vital to Your Cybersecurity

Multi-factor Authenticatin (MFA)

Strong passwords and unique secret codes for each account are important for your internet security. But if you really care about cybersecurity, it is not enough. Two-step verification makes it much harder for your accounts to be breached by a malicious person.

Let’s see what MFA is and how it works in simple words

Multi-Factor Authentication (MFA) is a combination of authentication factors that provide additional protection for your accounts. If, for example, your password becomes known to someone who shouldn't, a second layer of protection could stop a malicious person from gaining access to your private information. If someone finds out your Facebook password and you have 2-factor protection in place, you may still be OK since that additional step can circumvent the hacking attempt. Usually, a second factor is an additional code received via SMS or an additional service that, when passed, will give you access to your personal information.

Different services may use different names for MFA, but the principle remains the same: Your accounts get extra protection. Let’s mention some of the well-known services and the names of their additional protections:

  • 2-Step Verification: LinkedIn, Google, Microsoft, Facebook, Apple, Amazon
  • Login Verification: Twitter
  • Multi-factor Authentication: Amazon AWS, Rackspace, Microsoft Azure, NC DIT.

A quick guide to enable MFA for the most popular services

Gmail has a 2-step authentication landing page. All you need is to click the “Get started” button, login with your password and use a cell phone as your second factor.

Use the Settings menu in Facebook. Go to the “Security and Login” page, scroll and choose “Extra Security” point, and then select the “Use extra two-factor authentication” button. Choose the mean sof additional protection you like. It can be either SMS or Recovery Key and code generation. Two additional methods are available for use at the same time. 

To set 2-factor authentication in PayPal, navigate to the “My account page” and the gear icon in the right upper corner of the screen. Then follow this route: “Security tab” > “Security Key” > “Update”. While “Security Key Setup” accepts your phone number, you will get a security key via SMS.

Of course, Amazon also offers MFA protection. You need to go to “Accounts & lists” > “Your Account” > “Login and security”. Scroll down to “Advanced Security Settings” and click “Edit”. After getting started, you will have to use your phone number for verification.

There is large variety of 2nd factor authentication methods to choose from:

It can be something that you can remember or know (i.e. a password, picture, PIN, security/challenge questions, pattern drawn, etc.)

It can be something that you have possessed since birth. This group can further be divided into two parts:

  1. static biometrics – eye iris scan, fingerprints, hand geometry, facial recognition
  2. dynamic biometrics that can change throughout your life – voice pattern, typing rhythm, signature 

It can be something you have, a so-called "token-based authentication," which can be subdivided into two types:

  1. hard tokens - multi-factor OTP, single-factor cryptographic devices, smart cards, and memory cards
  2. soft tokens - PUSH, SME, QR code, etc.

Hardware MFA and Hideez Key

Hardware tokens are unique and have both advantages and disadvantages compared to other forms of multi-factor authentication. Hideez Key is one type of hard token that can act as your 2nd factor authentication and keep about 1,000 accounts. With the press of one button, you can input OTP automatically without the need to take out your phone, run an application, find your account and input your password.

Hideez Key uses a Bluetooth connection to synchronize across customer devices, minimizing the risk of security breaches. Hideez Key offers advanced security without risk of your information being transmitted over the Internet and all that can entail. It's easy to setup Hideez Key for 2FA authentication. Watch how it works with well-known cryptocurrency exchange KUNA.IO in this video.