What is multi-factor authentication?

Summary:

Multi-factor authentication (MFA) is a security measure that requires you to navigate a two-step process to prove your identity before logging into an account. This additional layer of security helps ensure that even if your password is compromised, unauthorized access is still prevented.

MFA’s Importance

MFA is crucial for safeguarding your accounts and data against cyber threats. This includes your financial accounts, social media (e.g., Facebook, Instagram, LinkedIn), email (e.g., Gmail, iCloud, Outlook, Yahoo) or any online accounts you use. By requiring multiple forms of verification beyond just a password, MFA significantly enhances your security by making it more difficult for unauthorized users to gain access to your accounts. This extra layer of protection helps mitigate the risks of password-based attacks, such as phishing or social engineering attempts, and of data breaches, ensuring that your information remains secure.

Verification steps with MFA:

  1. User Initiates Authentication: The user attempts to access a system, application or online account by providing their username or email address.
  2. First Authentication Factor (Something You Know): The user is prompted to enter a password or PIN which serves as the first authentication factor. This is something the user knows and is typically the most common form of authentication.
  3. Second Authentication Factor (Something You Have or Are): After successfully entering the first factor, the user is then prompted to provide an additional form of verification. This could be something they have, such as a smartphone or hardware token, or something they are, such as a fingerprint or facial recognition.
  4. Verification and Access Grant: Once both authentication factors are provided and verified, access to the system or account is granted.

Common Authentication Methods:

  • Authentication App: Users install an authentication app on their smartphone. The app either generates time-based, one-time passcodes that users enter during login or sends push notifications that the user approves to confirm it’s them.
  • Biometric: Users provide biometric data, such as fingerprint, iris scan, facial recognition or voice recognition.
  • SMS-Based: Users receive a one-time passcode via text message to their registered mobile phone number. They enter this code along with their password to complete authentication.
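
The four verification steps above, with an authentication-app passcode as the second factor, shown as an added example (not code from this page or from any particular provider). The account, password and function names are constructed for illustration; the passcode follows RFC 6238, and the shared secret is that RFC's published test key.

```python
import hashlib
import hmac
import struct

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """Time-based one-time passcode per RFC 6238 (HMAC-SHA1)."""
    counter = struct.pack(">Q", int(at) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

# Constructed sample account; the secret is the RFC 6238 test key.
USERS = {
    "alice@example.com": {
        "salt": b"constructed-salt",
        "pw_hash": hash_password("correct horse battery staple", b"constructed-salt"),
        "totp_secret": b"12345678901234567890",
        "last_step": -1,  # last 30-second window already used
    }
}

def login(username: str, password: str, code: str, now: float) -> bool:
    # Step 1: the user identifies the account.
    user = USERS.get(username)
    if user is None:
        return False
    # Step 2: something you know (compared in constant time).
    if not hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"]):
        return False
    # Step 3: something you have. Accept the current window and the
    # previous one (clock drift), and refuse a passcode window already used.
    current = int(now) // 30
    for window in (current, current - 1):
        expected = totp(user["totp_secret"], window * 30)
        if window > user["last_step"] and hmac.compare_digest(expected.encode(), code.encode()):
            user["last_step"] = window
            return True  # Step 4: both factors verified, access granted
    return False
```

A correct password with a wrong or already-used passcode is rejected, which is the property that keeps a compromised password from being enough on its own.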

How to enroll in MFA

Although many banks and investment firms require MFA to gain access to your account, others require you to enroll. Commonly you can find MFA enrollment options within an application, under settings, then security. You will then choose your authentication method and verify your identity to complete the setup process.

What should you do if you receive unsolicited MFA requests?

If you receive MFA requests to your device that you did not authorize, never accept the request. This could mean an attacker has your password and is attempting to gain access to your account. Follow this simple rule: if you didn’t request it, don’t accept it, and report it to the Customer Care team.