Cybersecurity Awareness Month

Week 2: Turn on multifactor authentication


Add a Second Lock: Activating Multi-Factor Authentication (MFA) 

A password alone is like a single lock on your digital door. Multi-Factor Authentication adds a second lock: something you have (your phone or a hardware key) or something you are (your fingerprint or Face ID). Even if a hacker gets your password, the additional factor keeps them from getting in and alerts you to the attempted breach.


What’s Multi-Factor Authentication & Why Use It? 

Multi-factor authentication (MFA) is a login system that requires more than one type of evidence that you actually are you. First you provide something you know: your password. Then you authenticate with something you have (e.g. a 6-digit code sent to your phone, a USB stick, etc.) or something you are (e.g. your fingerprint or Face ID). Requiring two independent factors ensures that virtually no one else can log into your account.

Having a minimum of two of these independent checks on your account is critical because it provides a robust level of protection as follows: 

  • Prevention against stolen password attacks: A hacker may get your password from a breach or other means, but they cannot log in without the MFA.

  • Foils most phishing: Fake login pages won’t be able to initiate a real app request.

  • Alerts you of login attempts: An MFA request you did not initiate lets you know someone has your password and attempted to log in.

  • Meets security standards: Banks, campuses and employers around the world are now requiring MFA.

Understanding Your MFA Options 

All MFA methods provide protection, but different methods provide different levels of protection. Below are examples of a good MFA method and a better MFA method to help you select the appropriate second lock for your accounts.

•  GOOD: Text Message or Voice Call Codes 
      After you enter your password, you will receive a numerical code sent to your phone via SMS or phone call. 
      (This method is very common and perhaps the most convenient to begin with, and is better than nothing, but is also the least secure MFA method and may be easily intercepted by highly competent attackers.) 

•  BETTER: Authenticator App (Recommended) 
      An app on your phone (like Microsoft Authenticator, Google Authenticator, or Authy) that constantly generates a 6-digit code that you use to unlock your account, or that sends a simple "Approve/Deny" push notification. This is the most common and most secure method for individuals. (Most of these apps are free.)

How to Put It into Practice 

  1. Install an Authenticator App or Register a Hardware Key: The most secure options are apps like Microsoft Authenticator and Google Authenticator, or hardware keys like a YubiKey.
  2. Enable MFA on Your Most Important Accounts: Start with your email, banking, and cloud storage. You can generally find the settings to enable it under Settings → Security → Two-Factor Authentication.
  3. Scan the QR Code to Link Your Account: Use your authenticator app to scan the QR code provided by the platform to link them.
  4. Store Recovery Codes Safely: Download or write down your one-time-use backup codes. Keep them in a safe, offline place (like a safe or alongside other important documents). This will allow you emergency access if you lose your device.
  5. Add a Backup Factor (Optional): For extra safety, register a second device or hardware key so you are not completely locked out if the first device fails.

Pro tip: A low-cost hardware security key lets you approve logins with a single tap, even if your phone is dead, and it completely defeats phishing. Keep one on your keychain and a spare in a safe place.

  
