October 2019 – Multi-Factor Authentication


What it is and why you need it now
Posted on October 1, 2019

Security for your home or business can be compared to your IT security. Many of us have more than one lock on the door for added protection at our home or business. Maybe you have an alarm system for additional security. Similarly, employing strong passwords is an absolute necessity when it comes to securing your data but in today’s world where cybercrime is more sophisticated and prevalent, many businesses are becoming more aware of the need for additional ways to “lock down” and protect their valuable data.

Multi-factor Authentication (“MFA”) is one security strategy that protects your company’s platforms and users.

What is MFA? (or “2FA” if only two factors are used) MFA protects your accounts by adding another proof of your identity, making it harder for the bad guys to impersonate you. The basic principle of MFA is to have more than one factor that proves who you are. Start with something you know (a password or pin code) then add something you have (a phone or smart card) and maybe add something you are (your fingerprint, face ID, or voice).

Why do I need to do this? Passwords are not as secure as people want to believe, especially when they use weak passwords or use the same password everywhere. Remember that hackers have programs they can run constantly to break passwords. Also, you or one of your employees could fall victim to a phishing scam, giving a hacker access to your data or network.

MFA is a way of stopping hackers from getting access to your accounts. Even if they are successful at hacking your password, they still only have one key to open a door with two or more locks – they can’t get in! Having multiple ways of authenticating who you are drastically reduces the danger of being hacked.

There are two drawbacks to MFA. First, it is an extra step when signing in to each account, but you’ll soon become accustomed to the extra 30 seconds it takes. Second, if you are using a device, such as your phone, and you lose it or forget it somewhere, you will not be able to access your accounts without jumping through some painful hoops. Despite these limitations, MFA is quickly becoming the standard of security for businesses.

So how do I set it up? You already have the first part in use – something you know – which is your strong password. What you need now is either something you have or something you are. The easiest way to do this is by using your phone since most people have their phone nearby at all times for easy reference.

There are many programs that allow you to do this. Two we recommend are Authy or Google Authenticator. Both are free and the process to make them work is simple – download the app on your phone, then use your computer to log into the account you want to secure. Activate multi-factor authentication and scan the QR code into the app with your phone. Once you type in the code from your phone into the verification window on your computer, you are set up. allCare IT’s favorite is Authy because of the capacity to regain access to your accounts if your device is lost. Duo is also an excellent paid-for option to consider that also has extra options.

Confused? Don’t worry – we’ve done this many times and would be happy to help you get set up. Email helpdesk@allcareit.com or call us at 613-817-1212.

Ok, you’re set up what now? Not much will change; Log in to your accounts as normal. After you enter your password, you will be prompted to enter a code from your phone. Simply open the app on your phone and look for the code that matches the account. Type in the code and you’re good to go!