IT Blog

Using multi-factor authentication online is a new-age security must!

Announcements Hints and Tips Microsoft Security

Are you using multi-factor authentication to secure yourself online?

There’s no doubt about it: not only are phishing and ransomware attacks getting more commonplace, they’re also getting more sophisticated.

Email accounts are the #1 target of phishing attacks – and hackers can successfully impersonate someone else without that person even knowing – and for months!

Social media is also a common target for hacking attacks, as people are all too keen to click on dubious links to intriguing personality and trivia quizzes. (To that, all we can say is, Stop It! You don’t need to know the meaning of your spirit animal’s favourite colour.)

The simple answer to helping protect yourself is multi-factor authentication.

What is multi-factor authentication – and how does it work?

Muliti-factor authentication – also referred to as MFA, multi factor authentication, or 2FA – is an extra security feature that’s easy to set up – and it’s free.

The way multi factor authentication works is that if your account detects that someone is trying to log in from an unfamiliar computer or device, they’ll ask you to provide an additional password. This additional password is a temporary password that’s normally only valid for a short period of time, and is sent to you by text message. So if you’re accessing an account from a new computer, you just input the temporary password and you’re back to normal. And the good news is that you only have to do this once per device, so it’s not going to bug you every time.

But if it’s a hacker trying to log in from anywhere in the world, they won’t be able to access your account, even if they have discovered your password.

Here’s an overview of how multi-factor authentication works:

Which accounts offer multi-factor authentication?

It is offered by many internet accounts – and the list is constantly growing, as more and more technology providers realise the need for multi-factor authentication technology. At the time of writing this article, the list of accounts includes:

  • Amazon
  • Apple ID
  • Dropbox
  • Etsy
  • Evernote
  • Facebook
  • GoDaddy
  • Google (including Gmail and AdWords)
  • Instagram
  • LastPass – read more about this password manager
  • LinkedIn
  • MailChimp
  • Microsoft – including, OneDrive, Xbox Live, Skype and Office 365
  • PayPal
  • Pinterest
  • Reddit
  • Slack
  • Snapchat
  • TeamViewer
  • Tumblr
  • Twitter
  • WhatsApp
  • WordPress
  • Yahoo

Here’s a good article that offers account-specific tips on how to set up multi-factor authentication.

Do you need to set up multi-factor authentication for all those accounts?

We strongly recommend this. We’ll be in touch directly with our Office 365 users to get this rolled out as a standard, but for everything else it’s totally up to you which accounts you set up this security measure for. Think to yourself: “It would be a real pain if my ………. Account got hacked”. And then set it up for those accounts. Personally, I have it on everything I possibly can.

Some of your accounts might even prompt you to set up multi-factor authentication when you log in. So next time you log in, don’t click the ‘Skip’ button – set it up!