Security Basics – What is Multi-factor Authentication (MFA)?

Devices and accounts are important tools that help us stay connected. But they also contain business, personal, or other confidential information that you don’t want to fall into the wrong hands. And while secure passwords are an essential part of protecting your accounts and data, they are fallible. Cybercriminals can use various methods to guess, steal and compromise your passwords.

Go beyond just password protection by enabling multi-factor authentication, which requires additional verification (like a PIN or a fingerprint) to access your devices or accounts.

What is multi-factor authentication (MFA)?

When you sign in/log in to an account, you’re proving to the application or device that you are who you say you are. Traditionally this is done with a username and a password.

Multi-factor authentication means that you need more than one authentication factor to log into a device or account. You might hear it called ‘Two-step verification’ or ‘multi-factor authentication’, both speak to the same principle of needing more than one method of proving who you are. For example, to unlock your phone you may need to enter a passcode AND scan your fingerprint. Or when logging into your online banking account, you enter a password AND are asked a secret question that needs to be answered correctly

Why do you need MFA?

The single authentication method of username + password is no longer enough to secure your data and accounts. Cybercrime methods keep getting more sophisticated and in turn, you need to step your defenses.

Enabling multi-factor authentication provides an additional layer of security beyond your password, making it that much more difficult for cybercriminals to break through to your accounts and access your data.  If cybercriminals gain access to one piece of information (e.g., your password), they still need to provide additional pieces of information to successfully gain access to your accounts.

Multi-factor authentication is easier than you think, as it is all about YOU.

Who you are.

  • Fingerprint scanner
  • Voice verification
  • Facial Recognition

What you know.

  • Security questions
  • Passwords or passphrases
  • PINs

What you own.

  • SMS authentication (a texted code to your cell phone)
  • Application-based authentications, ex) Microsoft Authentication App
  • Hardware token (a small physical device, ex. key fob)

Did you know?

A simple 2-step verification can protect you from:

  • 100% of automated bots,
  • 96% of phishing attacks,
  • 76% of targeted attacks.

Get started with multi-factor authentication.

Most social media sites, online applications, and many devices offer the option to use multi-factor authentication in their security settings. Whenever possible when MFA is available to enable, opt-in.

MFA and other security measures for your business.

Stay tuned for our next Multi-factor Authentication blog as we talk about MFA protection for your business. We will be speaking to Conditional Access for Microsoft 365 that can help deliver MFA services to your Microsoft 365 environment.


Let us know if you need any assistance with MFA or other security configurations and implementations for your business.  We are here to help you protect your employees and your confidential business data.

Contact us when you’re ready. We make I.T. easy.

Small Business