As concerns about password security grow, multi factor authentication is an increasingly favoured way to protect an organisation.

How does Multi-Factor Authentication (MFA) work?

Single-factor authentication is your classic username & password combination. (Read here why that’s such a critical combination)

MFA adds in another layer of security on top of your username & password, such as a One Time Password (OTP). This OTP can come in a few different forms:

  • text message
  • code on your phone
  • fingers
  • facial recognition

Why is MFA effective?

Losing your username and password is relatively common due to the multitude of data breaches that occur each day. Check out www.haveibeenpwned.com to see if your username or password have been compromised.

If an attacker gets your username and password, they still can’t access your systems without having access to your mobile phone (which is a lot harder for an attacker to get access to).

How does an attacker get usernames and passwords?

There’s a few ways this can happen.

  1. Post-it notes!
  2. You click on a phishing email and the link takes you to a fake logon page
  3. You sign up for an online account and that provider is breached

Those credentials are then sold on marketplaces found on the dark web, just like what happened to the Disney+ channel.

What do I do if my password has been breached?

If you’ve checked www.haveibeenpwned.com.au and your username/password is listed you need to go and change ALL instances of that password.

What if I can’t remember where I’ve used my old password?

So long as you’ve abandoned all use of that compromised password you should be ok. Be sure not to use an iteration of that old password anywhere and learn to embrace unique passwords for all of your accounts!

Of huge concern is password sharing! 6 passwords are shared by the average employee.

Password hygiene is a genuine concern for organisations trying to embark on the Cybersecurity journey. There’s a lot to consider, including:

With so many businesses failing at the basics, it’s no wonder that the Cyber criminals are finding things so easy.

Find out more here.