Multifactor authentication, or MFA, is one of the most secure methods of password protection. However, it’s also a method that many businesses fail to utilize. Only about 45 percent of businesses are actively applying MFA to their benefit. Why, if security is supposed to be a top priority for businesses, don’t more businesses take advantage of the benefits of multifactor authentication for passwords?
The simple answer: it takes more effort. MFA requires employees to carry their cell phones, and type an additional code when logging into their computer. It’s those extra steps that deter businesses from incorporating multifactor authentication.
Security and convenience are mutually exclusive. More security equals less convenience. The main reasons that more companies aren’t using MFA is that people generally don’t like change, and they don’t like the additional steps. However, the benefits of MFA far outweigh the inconvenience.
When you log into an account or computer, you’re asked for a password so you can prove you are who you say you are. MFA referred to as 2FA, or two-factor authentication, which is similar in that they both require more than one credential to access accounts.
As an example of multifactor authentication, you may have a code sent to you via text, phone call or email. You’re required to copy the code into the provided text box before you can continue. You then receive a prompt informing you that it’s been a significant amount of time since you last updated your password and you must create a new one. These extra security measures, while they may be inconvenient and require extra steps, ensure that if your password is stolen without your knowledge the thief cannot use it without the additional access to your cell phone or email and that the compromised password will expire.
We’ve previously spoken about what catastrophic IT failure really looks like, and how “small-to-medium (SMBs) sized businesses are often victims of IT hackers.” Using all the best security practices means incorporating multifactor authentication for your business. If your password is stolen – which happens more often than you might think – the thief could use it for their own benefit or sell it to one or more buyers. People are often surprised to find that their passwords have been compromised without their knowledge. In our experience, approximately 90 percent of people find that some of their information has been posted for sale on the dark web.
In addition to the possible destruction of your business reputation and the ability of hackers to infect your system with viruses, if your system is breached, personal and sensitive information can be compromised.
Multifactor authentication directly addresses this issue. In addition to the difficulty of obtaining your password in the first place, MFA adds an extra layer of security through the passcode that expires in 30 to 60 seconds. In the event a hacker obtains your password and the passcode, the passcode will not be valid for long.
Best Password Protection Practices From KLH
Our process to increase security includes several steps and measures to decrease threats and ensure optimal protection. We establish a policy for auto-expiring passwords, password complexity and password history. Approximately every 90 days your password will expire. You’ll have to create a new password that follows the established complexity – at least one capital letter, one lowercase letter, one numeric character and one special character. In accordance with the password history policy, the new password cannot be reused within eight passwords.
We advise our clients not to use password apps, which store your passwords for the convenience of not having to remember them. Both online and local password managers have been hacked. Instead, we recommend that you store your passwords on an encrypted thumb drive.
None of our clients have ever suffered negative consequences from a security breach. Our process of implementing MFA is a proven method that maximizes security and keeps your information safe from hackers and password theft.
Avoid the significant cost of a data breach that can critically impact your brand. To optimize the security of your business, you need to incorporate multifactor authentication to protect your passwords and sensitive data.
Contact us for more information on how to implement MFA and optimize e-security for your business.