We all know the annoyance of signing into an account that you’ve used for years and then being prompted with the question of “would you like to use multi-factor authentication”? Not only does this question spark anger, multi-factor authentication can be rather frustrating. Trust us, even as an IT company, we feel your pain!
Multi-factor authentication (or MFA) is defined by onelogin.com as “a security system that verifies a user’s identity by requiring multiple credentials.” Think about when you go to sign into a Google account, you’re prompted for your email, then your password and then you’re redirected to a page asking for a backup email or a phone number. You might be currently ignoring these redirect pages because of how annoying they are but they’re simply begging you to further protect your account from breaches.
Do you think that you’re immune to account detail breaches? We suggest you be less comfortable with ignoring the prompts for MFA and also use a few different passwords. This way, if someone does breach one of your accounts then your other accounts can’t be hacked right along with it. MFA will stop the chances of hackers even getting to that point and it’s important for all of your accounts (even if it’s one without any sensitive information on it) to be as protected as possible.
Here at IT Support Specialists, we understand that MFA is extremely important. We use authenticator apps and encourage employees and clients alike to agree to MFA any time they are prompted. When you sign up for MFA, you will be most often prompted to provide a telephone number that the authenticator can then text when you are logging into your account. Essentially, any time that your account is being accessed, a text will be sent to your phone with a code that you will then have to enter on the website to log into your account. While this may seem redundant when you are logging into your own account, it can be the difference between your account being hacked or not.
MFA happens to be the number one thing to stop hackers. One client that we worked with in the past had a huge hacking incident happen to their servers. We were there with them to help clean up the damage and salvage as much as we could with a backup, however, they didn’t learn their lesson. Once a hacker has the keys to your castle, they’ll come back and hit you again since it was so easy the first time. The second attack on their data finally spurred them into using MFA and they haven’t been hacked since.
We know it’s a pain but it’s free security! We know that activating MFA can seem pointless but you may not always be the only one trying to log into your account. It’s the easiest thing in the world, put in a phone number, an email, or answer some security questions with a single click. Would you rather have to deal with adding an extra step to your login or be woken up at 4:30 in the morning by notifications of someone in Bangladesh trying to log into your account?