Multifactor Authentication - MFA

Why introduce MFA?

If you have not implemented MFA yet for your organization, your company and customers are at risk! The world has shifted and the traditional password is no longer enough when logging into applications. More often than not, your password is already out there on the dark web for a bad actor to purchase, along with your username. Implementing MFA will force your logins to require a username, password and now a token that ONLY you will have access too.

Different forms of MFA

• SMS

• Authenticator app (preferred method)

• Phone call

Why is using an Authenticator app preferred? SMS and phone calls are linked to a static phone number, which if the actor knows the phone number, can be used. The authenticator app requires the original phone and is tied only to that device. See Jack Dorsey example below:

https://www.wired.com/story/jack-dorsey-twitter-hacked/

-Keith Cassettari Owner True North IT