The benefits of multi-factor authentication

One of the greatest threats to our security is phishing. Whilst the best defence against it is awareness training and critical thinking, a solid security infrastructure that makes appropriate use of multi-factor authentication (MFA) can also be highly beneficial.

The three categories of multi-factor authentication

The tenets of multi-factor authentication (MFA) are:

  1. Something you know
  2. Something you have
  3. Something you are

In other words, these could be, respectively, a password, a time-based one-time password (TOTP) and biometrics.

TOTP may be one of the most widely used methods of authenticating oneself, whether that is to pay for your groceries online or to log in to the company’s VPN solution. Using TOTP in your security infrastructure is a good way to make sure that the person signing into a service is very likely to be who they claim to be. It is quite a task for a malicious actor not only to acquire the login details of a victim, but also to have the right TOTP at the right time. Hence, this form of authentication should be employed wherever possible.

While everyone may be familiar with passwords and TOTPs, many businesses still have a long way to go in implementing TOTPs or similar security strategies.

Biometrics, while still in early stages and far from perfect, can also provide additional security where needed. The success of consumer solutions such as Windows Hello and TouchID has proven biometrics to be both an easy and relatively secure practice to adopt. It takes away the hassle of typing out sufficiently secure passwords, does not reveal them to people nearby, and the biometric is (hopefully) always carried with you.

Another benefit of biometric access is that the authentication key is not inherently sharable. While stealing a finger or, less macabrely, only its print is technically possible, it is rather unlikely to happen. Biometrics therefore allow one to easily follow the AAA principle (authentication, authorisation, and accounting), where one’s authentication key is assumed to be unique to one specific user.

It’s also important to remember that most people use their phone as their TOTP device. Most of these phones have the capability of biometric authentication and thus “something you have” is also secured by “something you are”. We may therefore see that these three tenets play into each other; they overlap, hence further enhancing security.

Author: Maxine Brandal Vågnes, Security Analyst, Sorasec

