Multi-factor authentication, simply explained
You don't know what Multi-Factor Authentication, or MFA for short, means? No problem, I felt the same way a year ago. Most articles on the subject are very complicated and technical, but I wanted a simpler introduction at that time. If you feel the same way, this blog is perfect for you: my accumulated knowledge on the subject, explained in a simple way.
What is authentication?
Authentication is the name for the process of confirming identity. It sounds more difficult than it actually is.
In everyday life, you identify yourself all the time without realizing it:
- with an ID card or driver's license
- with your credit card and PIN at an ATM or when making a payment
- with the password at Netflix or Amazon
The password is the most widely used method to "identify" oneself online. But precisely because it has been used for so long, criminals have developed many methods to circumvent or crack this hurdle. That's exactly where MFA comes into play.
It is designed to give your accounts additional security and takes much of the burden off your password. As the name Multi-Factor suggests, it includes several factors.
How the factors work
In Multi-Factor Authentication, the system verifies your identity or access authorization using not just one factor, but multiple factors. The 3 most commonly used are:
- Knowledge factor: something you know, for example a password or PIN.
- Possession factor: something you own, for example your smartphone or another security token (something like a key).
- Inherence factor: something that you are, for example your fingerprint, facial features, etc.
You have already used multi-factor authentication, namely at the ATM. As already mentioned above, you not only need to know your PIN for this, but also have the credit card.
Other factors include, for example, location: here you can only log in to your account from a certain location. However, the most common method for general use is 2-Factor Authentication, or 2FA for short, which mostly uses the 3 factors mentioned above.
2-Factor Authentication in detail
If you want to better protect your most important accounts right now, enable 2-Factor Authentication. In our last blog post we explained the setup for PayPal in more detail.
The principle behind it is quite simple: in addition to the password, a 6-digit PIN that can be used for a limited time (a time-based one-time password, abbreviated TOTP) is sent to your smartphone or generated in an authentication app. You have to enter this PIN in addition to your password.
Two passwords, isn't that the knowledge factor twice then? No, because the important factor is the ownership of the smartphone. Without it, you have no access to the additional and time-limited PIN. The only disadvantage is the significantly more cumbersome login, especially for many accounts with active 2FA.
Your security without any disadvantage
In today's digital age, there is suitable software for every problem. Our solution, heylogin, even goes one step further than the competition and does without a password for the user.
Instead, we rely on the smartphone as the authentication method. This makes us 2-factor secure by design: first a swipe to confirm ownership, then unlocking the smartphone via PIN or biometrics as a second factor. This way, all data is secure, even without a master password. And after that, you can log in to any website with just one click for the rest of the day.
Your advantages:
- Never type passwords again, just log in with one click
- Authenticator app is replaced, 2FA PIN is automatically filled in when logging in
- Team features make work easier thanks to easy sharing of logins and access rights
Now you know
You see, MFA is not as complicated as you think. The basics are simple and the necessary steps are usually chosen so that every user can apply them. Whether you want to explain the topic to someone or dive deeper into the matter, with this basic course you should be well prepared.