Do you ever log in to an online account and are forced to provide more than a password? Sometimes we are texted codes, given facial recognition capabilities, or other authentication techniques to even reach a home page for one of our accounts. This security technique is known as multi-factor authentication. More formally, it is a method in which a device user (such a computer, tablet, or phone) is granted access only after successfully presenting two or more pieces of evidence (or “factors”) authenticating the user.
This security technique has become extremely popular due to its strong statistics supporting its use. According to Microsoft, who sees over 300 million fraudulent sign-in attempts targeting Microsoft cloud services every day, enabling multi-factor authentication will end up blocking 99.9% of automated attached. With over 80% of hacking-related breaches caused by stolen or weak passwords, this security type has become essential.
The old advice of password techniques such as never use a password that is your birthday, never use a password that has been breached before, or never use a visible password is exactly that, old advice. Passwords often do not seem to matter anymore. Blocking leaked credentials and password advice has seemed to generally be ineffective as hackers have become effective at gaining access through other methods other than using birthdays and additional personal information.
The issues with simple password access led to the creation of these additional access systems. Originally called two-factor authentication, the primary method of additionally securing an account was through combining a password with a one time code that would be texted or emailed. A variety of high-level vendors and security options emerged, many with significantly positive results. This technology was expanded to allow for multiple authentication options beyond the simple password and code options. The use of these authentication techniques can now be seen throughout technological ecosystems in items such as bank accounts, VPN, web service documents such as Google Docs, and shopping accounts such as amazon.
Some of these services are somewhat “off the shelf” while others are extremely customized. Service frameworks vary far and wide, as do the monitoring platforms for tracking each system’s success and threats. Our team provides any and all features a company could desire, while also cost-effectively achieving this.