As you may have heard, one of the ways to strengthen the security of your accounts is by activating Multi-factor authentication (MFA) whenever possible. As the name suggests, MFA refers to using multiple authentications (usually 2 or more) to authenticate before gaining access to your account. It is a security system that authenticates users with the following factors:
- Something the users know- Such as a password or a PIN
- Something the users have- Such as a smartphone
- Something the users are- Such as face or fingerprint recognition
The most commonly used authentication is the Two-factor authentication (2FA), which is highly recommended even by authorities to strengthen the security of your accounts. The Cyber Security Agency of Singapore (CSA Singapore) also released cyber tips to advise all internet users to use a strong password and enable two-factor authentication for an extra layer of protection for their accounts.
Two-factor authentication (2FA) is a security system that requires two forms of identification from the user, usually the username and password to be entered by the user during the login, followed by a verification code sent by SMS or email.
This feature is commonly used for logging in to online accounts such as online banking accounts, e-commerce accounts, social media accounts, online gaming accounts, emails accounts, and more. It is highly recommended as it is designed to add an additional layer of protection to block out intruders/ unauthorized access to an account that holds your personal information or other sensitive data. However, activating MFA does not guarantee total protection against cyber threats.
The limitations of this security system include added complexity of logging in to an online account, where additional time is required. Often, the user will have to have their mobile phone/smartphone next to them to complete the authentication process before gaining access to their accounts.
Although the MFA adds an extra layer of security to your accounts, this security system will not be able to protect the user if the verification code/ PIN/ OTP is being shared or accessible by others. In cases such as phishing attacks or identification fraud cases, where the user’s phone is accessible to the intruder, and the intruder manages to guess the password to the phone, even with the verification code sent by text message, the intruder will have direct access to the code.
All internet users are advised to use strong passwords and enable MFA whenever possible. Here are some other IT tips to have better security for your accounts:
Users are advised to set a password even when it’s optional and change their passwords regularly. Make sure to use strong passwords!
2. Multi-factor authentication
Enabling multi-factor authentication (MFA) whenever possible will add an extra layer of security to your account by making it harder for intruders to access.
3. Keep software up-to-date
Ensuring all important software (such as antivirus) is always updated to the latest version so that it is updated with any new features, new defenses against threats, or any bug fixes.
4. Be wary when using public Wi-Fi
The public Wi-Fi is not as safe as it seemed. Users are advised not to access accounts that contain sensitive/ personal information such as banking accounts, email accounts, or social media accounts.
No software can give you total protection. As long as you are connected to the internet, it is important to monitor your accounts and keep an eye on any suspicious activities.
Unfortunately, there is no ‘silver bullet’ in cybersecurity, and Multi-factor authentication (MFA) should not be the only protection incorporated into your business.