Staying on the password theme – so as we know, passwords are dead and loads of passwords are simple, well known and easy to break with 1000’s of dictionaries freely available to anyone who wants to find them and use them to break your password.
So what are the solutions? Well that’s easy – 2FA! MFA! BIOMETRICS! 2STEP-VERIFICATION; or is it? What does it mean?
What does MFA mean? What is 2FA and 2STEP-VERIFICATION and what are BIOMETRICS? Is it really that helpful? Are they really good for your security?
The simple answer is – YES.
But let’s start at the beginning, what does 2FA, MFA and Biometric mean?
MFA stands for Multi-Factor Authentication. It is a security concept for granting access only for users who can use at least 2 of 3 different evidences that they are who they claim to be and that they can be authenticated. In this concept the three different evidences are :
- Something you know – knowledge based evidence – like password or pin code
- Something you have – possession based evidence – like bank card or physical token
- Something you are – evidence of something that user can only be – like fingerprint
2FA stands for Two-factor authentication and is (as you probably figured out by now) a subset of the above mentioned multi-factor authentication. The best example, used by everyone probably daily, is using your payment card to pay and confirming transaction with your PIN code. This is it – every time you do this you use Two-Factor Authentication.
So what is 2-Step Verification? And how is it different from 2FA and MFA? The difference is it uses only one of the factors in two different steps. For example providing password first and then selected numbers of your access code, this is not 2FA this is not MFA – it is the same type of factor – something you know, used twice.
This is essentially the ‘Something you are’ factor – your face, your finger print, your retina scan – used as one of the ways to authenticate you.
So are these factors and methods good in helping with your security? Of course they are! Adding second factor to your password – or even simple second step – makes it a lot harder for a criminal to break in. If the services you are using have option for MFA/2FA/2SV go ahead and use it.
Is it bullet proof ? no – but unfortunately nothing is.