• Home
  • Magazine
    • Where to Find Us
    • About Us
    • Contact Us
  • Archives
  • The Team
  • Media Kit
  • Blog
  • Aroundabout Local Media
  • Subscribe

TowneLaker

Your Community. Your Magazine.

  • 2022 Readers’ Choice Winners
  • Best for Bridal 2023
    • Best for Bridal Promotional Opportunites
  • Calendar
  • Share with Us
    • Submit Photos
    • Submit Events
    • Lost & Found Pets
  • Advertise with Us
    • Ad Testimonial Form
  • Get Connected
    • Community Phone Numbers
    • Clubs and Organizations
    • Community of Faith
    • Schools

facebook instagram

Another Layer of Defense to Online Security

April 27, 2020

In the business of information security, professionals preach that the best defense is a layered defense. The more barriers or challenges there are in place, the more secure your system.

Last month I wrote about using a pass-phrase instead of a password to shore up your internet security defenses. This time, I’d like to tell you about another technology, multi-factor authentication, sometimes called second-factor or dual-factor authentication.

Multi-factor authentication (MFA) is a security mechanism that requires users to provide two or more credentials to authenticate their identity. These credentials can take the form of passwords, hardware tokens, numerical codes, biometrics, time, and location. The technology incorporates a combination of the security principles of something you know (ID and password) and something you possess (MFA key).

It is a security mechanism that requires an individual to provide two or more credentials to confirm their identity. For most consumers, these credentials take the form of another text message, usually a number. The MFA service generates a short, unique number or character set, let’s call it a key, required for authentication and sends it to a user’s device (phone, tablet, computer).
Let’s look at a banking example.

When a user navigates to his bank’s website, he’s presented with a log-in request. The user enters his user ID and password, clicks “log in.” Behind the scenes, the MFA service generates a unique key (number, character set) and sends it to the user’s device (phone, tablet, computer — based on the user’s settings). The web page displays a notice instructing the user to enter the unique key. Once the user receives, almost instantaneously, the unique key on his phone or other device, he enters it into the web page and the solution completes the authentication process.

The MFA configuration typically offers multiple communication channels to receive your key. For example, you might have two cellphones associated with your MFA configuration at your bank. If so, the service will direct the user to select where they’d like to receive the key. MFA technology also is time-based. The solution will invalidate the key generated after a short period; usually 10 to 30 minutes.

Is MFA hacker-proof? Unfortunately, no. Either through technology, carelessness or social engineering, all systems are susceptible to cracking. However, to hack your MFA-configured account, a hacker would need to not only know your user ID and pass-phrase, but also possess the device that receives the MFA key.

Setting up MFA is simple, and the technology provides another layer of defense that will improve your information security. So, if you haven’t already, consider adding MFA to your security posture.

– Mike Goforth, an enterprise applications cloud technologist with a large enterprise software and technology provider, specializing in security, operations and compliance.

Filed Under: Secondary

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Read Our Most Recent Issue

Sign up to receive a digital copy of this magazine

See our other titles

Around Cherokee: The Story of our County & Its Cities

Blog

When the Law Fell Silent

Annual GYN Visits Important at Any Age

Seeds: An Offer Too Good to Refuse!

4 Ways to Elevate Your Year With Service

A Message From the Mayor

© Copyright 2023 TowneLaker