At least 8 characters. A mixture of both uppercase and lowercase letters. A mixture of letters and numbers. Inclusion of at least one special character. Hard to guess but easy to remember.
There have been a lot of rules around passwords. A lot of websites now judge you on password strength, and begrudgingly let you sign up with a ‘medium’ written in warning yellow. Nothing less than a randomly generated string of letters, numbers, and punctuation seemed to pass the test. Then there was the matter of remembering it without writing it down or saving it anywhere.
Password managers became a must. They made the task of remembering your increasingly impossible password simple. Problem solved.
Now, we must face the fact that phishing scams are getting more sophisticated. Hackers are more talented. How do we stop them? accessing our accounts?
What is MFA?
Multi-Factor Authentication (MFA) is an electronic authentication method through which a user requires two or more verification factors to gain access to a resource, such as an application, website, portal, or VPN. When logging in, users will be prompted for their password as normal. Following this, they will be asked either for a code or to approve the login; this will be accomplished on a separate device. Typically, this is done via a mobile phone app, such as Duo or Microsoft Authenticate.
Users will need to ensure they have an authenticator to log-in when MFA is enabled
Why do I need it?
MFA protects against phishing, social engineering, and password brute-force attacks. It prevents logins from attackers exploiting weak or stolen credentials and gives an extra layer of security when accessing accounts remotely.
Far from being deterred by new anti-cybercrime measures, the Nation Cyber Security Centre reports that cases of cyber attacks for businesses are only increasing. As measures against cyber attacks improve, so do the methods of the cyber criminals themselves. In an early-April report by the NCSC, it was found that the average cost of a cyber-attack in the last 12 months was £4,200 per incident.
If you need help with MFA, or any kind of IT Security or Cyber Security Awareness training for your staff, get in touch. We would love to hear from you!