Do you have MFA on all your accounts – banking, work, social media accounts…? If not, it’s time to turn on MFA. Every online account needs MFA, like yesterday!
We use passwords for all kinds of online activity, from social media to our bank accounts. You can probably think of a dozen accounts you have passwords for right now.
Unfortunately, data breaches, including password theft, have become so commonplace that the World Economic Forum considered cyber-attacks among the top five risks to global stability in 2019.
Multi-factor authentication is currently one of the best and most basic defenses you can have to stop the wrong people from easily logging into your accounts. Let’s look at what it is and how to set it up.
WHAT IS MULTI-FACTOR AUTHENTICATION?
Multi-factor authentication (MFA) is a security feature offered by many online services today that sets up a second verification method for logging into accounts. That second verification method is triggered when certain conditions are met.
Let’s look at that and clear up some of the terminology.
WHAT IS A SECOND VERIFICATION METHOD?
When you log into an account with your username and password, your username and password are the FIRST verification. That shows that you own an account with the service. The second verification usually calls for a second device, like your cell phone.
For example: You log into your email with your username and password. If you have MFA set up and conditions are met to trigger it, before you can access your account a text message with a unique code will be sent to the cell phone you connected when you set up MFA. You’ll need to enter that code online before you can finish accessing your account.
The second verification method doesn’t always have to be a text message. For example, Google accounts sometimes send a regular push notification that allows you to just tap a prompt on your phone to continue logging in instead of entering a code.
Some accounts also allow MFA to be set up using an “authenticator app.” An authenticator app generates a unique code every 60 seconds that you must enter to log into accounts connected to it. Authy and MS Authenticator are two of the most popular authenticator apps.
Right now, you might be imagining that it would be a huge pain to have to enter more than your username and password to log into your accounts all the time. Luckily, even with MFA activated, that isn’t the case.
WHAT ARE THE CONDITIONS THAT TRIGGER THE SECOND VERIFICATION METHOD?
Turning on MFA won’t cause logging into your accounts to be a pain because you’ll rarely trigger the second verification method yourself. Here’s why:
Most accounts recognize the device you are logging in on. This is how you’re able to check the option to “remember me for 14 days” on some accounts and not have to re-enter your password at all during that time.
Your location is also usually recognized. If you always log into your email from your home or your office, these locations will be recognized. If you visit a friend in another city or state, your location won’t be immediately recognized.
A change in either of these two conditions, the device or the location, is often what triggers a second verification method when using MFA. So, when you log into your email from your regular computer or laptop at home or at your office, you won’t have to deal with the second verification method at all after using it once.
Why is this so helpful? With MFA set up, if someone tries to log into your account from another device or in another location, they won’t be able to, even if they have your exact password. The MFA will present them with a second verification that they won’t be able to get past. In addition, you’ll notice immediately that your password has been compromised because you’ll receive a notification for a login attempt you know you didn’t make.
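The trigger logic described in this section, sketched from the service's side as an added example that is not part of the original article. The class, function names and return values are hypothetical, and reusing the 14-day "remember me" window as the device-trust lifetime is an assumption.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

REMEMBER_FOR = timedelta(days=14)  # assumed trust lifetime, borrowed from the text


@dataclass
class Account:
    trusted_devices: dict = field(default_factory=dict)  # device id -> last MFA time
    known_locations: set = field(default_factory=set)


def step_up_reasons(acct, device_id, location, now):
    """List the conditions that require the second verification method."""
    reasons = []
    verified_at = acct.trusted_devices.get(device_id)
    if verified_at is None:
        reasons.append("new device")
    elif now - verified_at > REMEMBER_FOR:
        reasons.append("device trust expired")
    if location not in acct.known_locations:
        reasons.append("new location")
    return reasons


def login(acct, password_ok, device_id, location, now, code_ok=None):
    """Return (decision, reasons). code_ok stays None until a code is submitted."""
    if not password_ok:
        return "denied", ["bad password"]
    reasons = step_up_reasons(acct, device_id, location, now)
    if not reasons:
        return "granted", []          # recognized device and location
    if code_ok is None:
        return "challenge", reasons   # send the code and notify the owner
    if not code_ok:
        return "denied", reasons      # correct password alone is not enough
    # Second factor passed: remember this device and location from now on.
    acct.trusted_devices[device_id] = now
    acct.known_locations.add(location)
    return "granted", reasons


if __name__ == "__main__":
    acct, t0 = Account(), datetime(2023, 1, 1, 9, 0)  # constructed sample data
    print(login(acct, True, "laptop", "home", t0))
    print(login(acct, True, "laptop", "home", t0, code_ok=True))
    print(login(acct, True, "laptop", "home", t0 + timedelta(days=1)))
    print(login(acct, True, "other-phone", "other-city", t0 + timedelta(days=2)))
```

In a real service the device identifier should be something the server issued, such as a signed cookie, rather than a value the client simply asserts.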
SETTING UP MULTI-FACTOR AUTHENTICATION
MFA must be set up on each account you want to use it for; there is no universal setup at this time. Fortunately, it’s pretty easy to set up on the accounts where it is available! We’re going to look at how to set up MFA for some specific accounts below, but in case the account you want to use it for isn’t listed here, these are the general steps:
- Log into the account you want to protect
- Find the account settings
- Find the security settings option
- Look for a multi-factor authentication (MFA) or two-factor authentication (2FA) option
- Follow prompts to complete the setup
Remember, MFA isn’t the only way to keep your passwords safe. It’s also important to do the following:
- Use a strong password. Strong passwords should meet all of these requirements:
  - be at least 16 characters long, or as many characters as an account allows if its limit is less than 16
  - use upper and lowercase letters, numbers, and special characters (where allowed)
  - be random – a password such as “MyTechIsSafe123!” is not as secure as a password like “vCQEe!EK47SayS_B.”
- Make passwords unique and never use the same password for more than one account. If a password is compromised on one account, it compromises all the others.
- Use a password manager such as LastPass, Bitwarden, or Keeper. Bitwarden offers a free password manager with everything you need so you don’t have to remember all of your long, complicated, unique passwords.