DriveLock Blog | IT Sicherheit und Cyber Security

Strong passwords with Multi-Factor Authentication

Written by DriveLock | Aug 20, 2019 6:09:00 PM

 

What Is Multi-Factor Authentication?

Multi-factor authentication (MFA) is a security mechanism that adds an extra layer of protection to user accounts and systems. It requires users to provide multiple forms of identification or authentication factors to verify their identity. Typically, MFA combines something the user knows (like a password or PIN) with something they have (such as a smartphone or security token) or something they are (like biometric data such as fingerprints or facial recognition).

By requiring multiple factors, MFA significantly reduces the risk of unauthorized access, as an attacker would need to possess multiple pieces of information to bypass the authentication process. This method has become widely adopted in various domains, including online banking, email services, and corporate networks, to enhance security and protect sensitive information.

 

Multi-Factor Authentication: Why You Should Change Your Simple Password

Our need for simplicity, and the resulting habit of using the same password for multiple logins, is one of our biggest cybersecurity vulnerabilities. Accessing your devices, emails, and accounts can be a chore, especially when you have to remember complicated and irrelevant passwords. But simple passwords can backfire when hackers are involved. Reliance on passwords alone leaves companies vulnerable, especially with weak passwords such as 123456, which topped 2018 as the most commonly used and hacked password.

With phishing emails becoming increasingly realistic and the media regularly reporting new leaks, almost all websites demand minimum lengths and character combinations to make passwords more secure. More companies are developing the cybersecurity awareness of their employees with training courses.

In Singapore, 60% of businesses agree that their cybersecurity practices are outpaced by the rapidly expanding nature of cloud applications. Other inept security practices that allow cybercriminals to compromise your data include a lack of encryption and of multi-factor authentication. While data breaches can have a clear impact on a business's bottom line, it is not only sophisticated cloud technology that has increased this problem but also the elementary security practices of most companies.

 

How Does Multi-Factor Authentication Work?

Multi-Factor Authentication is an easy way to protect your sensitive data. Find out how it works in 5 steps:

  1. The user initiates the login process by providing their username or email address.
  2. The system prompts the user to provide the first factor, which is typically something they know, such as a password or PIN.
  3. After the first factor is verified, the system prompts the user to provide an additional factor, which could be something they have, like a smartphone, or something they are, like biometric data (fingerprint or facial recognition).
  4. The user provides the second factor, which is then validated by the system.
  5. If both factors are successfully verified, the user is granted access to their account or system. However, if any of the factors fail to authenticate, access is denied, and the user may be prompted to try again or take alternative actions (such as password reset).
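
The five steps above as runnable code, added here as an example and not DriveLock's code: the first factor is a PBKDF2-hashed password and the second factor is assumed to be a TOTP code (RFC 6238) from a smartphone authenticator app. The account data and the names `login`, `ask_otp` and `USERS` are hypothetical.

```python
import base64, hashlib, hmac, struct

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1) code for Unix time `at`."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password, salt):
    # Slow, salted hash so a leaked database does not reveal passwords directly.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

# Constructed sample account: name, password and TOTP secret are made up.
SALT = b"constructed-salt"
USERS = {"alice": {"salt": SALT,
                   "pw_hash": hash_password("correct horse battery", SALT),
                   "totp_secret": "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ",
                   "last_step": -1}}             # last accepted TOTP time step
DUMMY = {"salt": b"unknown-user-salt", "pw_hash": b""}

def login(username, password, ask_otp, now, step=30):
    """Run steps 1-5; `ask_otp` is called only after the password verified."""
    user = USERS.get(username, DUMMY)            # step 1: look up the account
    # Step 2: first factor. Unknown users are hashed too, so response time
    # does not reveal which user names exist.
    candidate = hash_password(password, user["salt"])
    if not hmac.compare_digest(candidate, user["pw_hash"]):
        return "denied"
    otp = ask_otp()                              # step 3: prompt for factor two
    # Step 4: accept the current time step or the previous one (clock skew),
    # but never a step at or before the last accepted one (replayed code).
    current = int(now) // step
    for s in (current, current - 1):
        expected = totp(user["totp_secret"], s * step, step)
        if s > user["last_step"] and hmac.compare_digest(
                otp.encode(), expected.encode()):
            user["last_step"] = s
            return "granted"                     # step 5: both factors verified
    return "denied"                              # step 5: any failure denies
```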
 

Advantages of Multi-Factor Authentication


A way to significantly strengthen your password is to combine it with other factors: multi-factor authentication (MFA). MFA is critical in protecting businesses from identity theft and unauthorised access to company data. MFA usually comprises three key elements:

  • A password or PIN only the user knows
  • Ownership of an item, for example, a smart card
  • Biometrics, such as the voice or visual features of the user

As outlined above, one of the key advantages of multi-factor authentication is that each layer supplements the others and compensates for their weaknesses. For example, the password that the user knows may be weak and easily hacked. But with MFA, unless the hacker were to obtain the above three elements, a breach is highly unlikely. MFA strengthens your security and is essential for cybersecurity.

MFA also supports compliance with international standards that protect the sensitive information of users, customers and others. For example, the General Data Protection Regulation (GDPR) does not specifically require MFA, but various provisions within the Security Rule highlight the need for a stronger authentication process. This process is none other than MFA.

Indeed, with cybersecurity trending as a top priority for many businesses, especially with the expansion of cloud technology, more and more companies are implementing MFA. Markets And Markets predicted that by 2022, the MFA market is set to reach USD 12.51 Billion. This shows that many organisations believe in the significant role MFA plays and how it is, right now, one of the best security measures you can implement to protect your company, your users, and their sensitive data.

Challenges of Multi-Factor Authentication

Nevertheless, MFA with smart cards is still not standard in many companies. This is partly due to the costs of introduction and daily operation, as well as the administrative effort needed to maintain these smart cards. Companies need to write off approximately 10% of smart cards annually for loss, wear or theft. Maintenance becomes difficult after the first few years because the originally purchased smart cards are discontinued or only made available for a corresponding surcharge from the manufacturer.

Those who do not opt for vendor-independent smart card middleware from the outset are faced with further follow-up costs or even replacement fees for the complete hardware installation. All these factors can increase the total cost of ownership of physical smart cards and delay the use of multi-factor authentication at the expense of security.

 

DriveLock Virtual Smartcards

Identity and Access Management - our "smartcard middleware" and "virtual smartcard" offer.

Virtual smart cards (VSCs) imitate the functionality of a physical smart card, but they secure data by combining software with existing hardware: the Trusted Platform Module (TPM), which exists on many computers. This makes VSCs significantly more time- and cost-effective.

VSCs work like physical smart card readers with an already inserted card and are recognised as such by the Windows operating system without any additional setup. They are bound to the respective device (e.g. PC or laptop) and are used like a normal smart card for the authentication in various scenarios including: Windows user login, web applications, e-mail signature and encryption, file encryption, VPN dial-up and many more certificate-based applications.

Virtual smart cards effectively diminish password vulnerability and strengthen your IT protection.