Passwords made simple! What is MFA and 2FA?


Let’s be honest. Remembering passwords on top of the million other things to do in any given day is a lot. Are your team’s passwords fairly similar across multiple online accounts? It’s okay, you are not the only business doing that here in New Zealand.
Most people have only one or two passwords and reuse them across many different applications. With the increased need for security, however, there are now much better ways to protect your accounts and provide additional layers of security.
Nowadays almost all online services, including banks, social media and shopping sites, have added a way to make your accounts more secure.
Here we help you to understand MFA and 2FA, and introduce you to Keeper to manage your passwords.

What is MFA and 2FA?


Maybe you’ve heard of the term MFA or 2FA and are slightly confused. Let us help you break down what this is and why you need it.
MFA = Multifactor authentication (requires 2 or more factors of Authentication)
2FA = Two factor authentication (requires 2 factors of Authentication)

In the old days!
In the old way of doing things you signed in to your online accounts in a process called ‘authentication’. That included a basic login and password.

For example:

  • Login = Matt@olddays.co.nz
  • Password = Matt's dog or Matt's birthday (something that Matt could remember easily and something that Matt used across all of his accounts).


    Multifactor Authentication (MFA/2FA), however, works by adding additional layers of security to your online accounts.
    This provides a “second” thing - what we call a second "factor" - to prove who you are.
    Yes, the first layer remains your username and password, however now you can add another layer of protection.

    For example:

    • An additional password, or a PIN.
    • A code accessible through your password manager, smartphone, or a secure USB key.
    • A fingerprint, or facial recognition.


      How does MFA work?


      This additional level of protection helps to ensure that you are who you say you are when logging into your online account.
      So even if someone gets your username and password, and logs in with your credentials, they will be stopped!
      You will get immediate notification on your phone to indicate that someone is trying to login to your account.
      You can then decline the authorisation, locking them out. This also tells you that your password has been guessed, so you know to change your password.

      How do I get MFA?


      Many of your current apps will have an MFA feature that you can turn on. For other things like email, you can enable MFA.
      This may mean talking to your ITA provider so that we can help you turn on your Microsoft 365 MFA (or other) feature.
      Once it is turned on, you and your team will need to use MFA before you can next access your emails, Teams and other applications.
      Make sure that everyone is ready for this and knows what to do. It isn’t hard, but as with all changes, it's best to ensure that you have support during the rollout.

      What about Passwords?


      1. Can I re-use Passwords?


      Reusing the same passwords across multiple accounts is not a safe idea, as it creates an opportunity for credential stuffing attacks. A credential stuffing attack is one where leaked credentials from one site/service are used on another site/service to see if they work. It would be like using the same key for your car and your house.
      For example, if you use the same password on your online bank account and Facebook, an attacker can easily breach both of your accounts, even though you may not have reused the same password on your email account. The potential harm this practice can cause may be a monetary loss, data loss or loss of sensitive personal details.
      Here at CT Business Solutions and the ITA we recommend that you update your password every three months; if you have been the victim of a cyber-attack, you should change your password immediately. This ensures that if your credentials are breached, the attacker is not able to immediately breach your other accounts as well.
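The reuse risk described above can be checked on your own list of logins. The following is an added example, not part of the original article or of Keeper: the vault entries, site names and passwords are constructed, and the function names are hypothetical. It separates the worst case for credential stuffing (same login and same password on several sites) from plain password reuse.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

# Constructed sample vault entries: (site, login, password). Not real accounts.
SAMPLE_VAULT = [
    ("bank.example", "matt@olddays.co.nz", "Rover2015!"),
    ("social.example", "matt@olddays.co.nz", "Rover2015!"),
    ("shop.example", "matt.shopper", "Rover2015!"),
    ("mail.example", "matt@olddays.co.nz", "q7#Vd2pLx9!eTz4w"),
]

def _tag(key, *parts):
    """Keyed fingerprint so plaintext passwords are not kept in the index."""
    msg = "\x00".join(parts).encode("utf-8")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def audit_reuse(vault):
    """Return (stuffable, reused) groups of sites.

    stuffable: same login AND same password on several sites, so a leak from
               one site can be replayed unchanged against the others.
    reused:    same password on several sites, whatever the login.
    """
    key = secrets.token_bytes(32)  # per-run key, never stored
    by_pair, by_password = defaultdict(set), defaultdict(set)
    for site, login, password in vault:
        by_pair[_tag(key, login.lower(), password)].add(site)
        by_password[_tag(key, password)].add(site)
    stuffable = sorted(sorted(s) for s in by_pair.values() if len(s) > 1)
    reused = sorted(sorted(s) for s in by_password.values() if len(s) > 1)
    return stuffable, reused

if __name__ == "__main__":
    stuffable, reused = audit_reuse(SAMPLE_VAULT)
    print("Same login + password:", stuffable)
    print("Same password:", reused)
```

In the sample data the email account has its own password, so it appears in neither group, while the bank and social accounts fall together.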

      2. How strong is my password? 


      Password strength is a big topic of discussion.  You know the drill, you must use lower and uppercase letters, use numbers, use special characters, make sure it is long.  But even after all this effort, your password can still be weak! 
      You can test your passwords out before you use them at these websites.  They give you slightly different information about the strength of your password, which should help you to strengthen your password choices:
      Password Monster
      Kaspersky Password Checker


      (Note:  Your password is not collected or stored at either of these websites.  They are well known secure sources of information that you can trust).
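Why a password that follows every rule can still be weak, shown as an added example that is not part of the original article or of the checker websites listed above. The word list is a small constructed stand-in for a real common-password list, and all function names are hypothetical; the generator shows the kind of long random password a password manager produces instead.

```python
import math
import re
import secrets
import string

# Small constructed stand-in for a real common-password list (assumption).
COMMON_BASES = {"password", "welcome", "letmein", "qwerty", "dragon", "summer"}
# Typical character swaps people use to satisfy the rules.
LEET = str.maketrans("@4301!$57", "aaeoiisst")

def meets_composition_rules(pw, min_len=8):
    """The usual drill: length, lower, upper, digit and special character."""
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    return len(pw) >= min_len and all(re.search(c, pw) for c in classes)

def predictable_base(pw):
    """Strip trailing digits/symbols, undo common swaps, look up the word."""
    core = re.sub(r"[^a-z]+$", "", pw.lower())
    core = core.translate(LEET)
    return core if core in COMMON_BASES else None

def assess(pw):
    """Report whether the rules pass and which common word, if any, is underneath."""
    return {"passes_rules": meets_composition_rules(pw),
            "weak_base": predictable_base(pw)}

def generate(length=20):
    """Random password over letters, digits and punctuation (94 symbols)."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if meets_composition_rules(pw):
            return pw

def random_bits(length, alphabet_size=94):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)

if __name__ == "__main__":
    for candidate in ("P@ssw0rd2023!", "Summer2023!", generate()):
        print(candidate, assess(candidate))
    print("bits in a 20-character random password:", round(random_bits(20)))
```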

      3. Should I use a Password Manager like the Keeper Password Manager that CT provide? 


      Yes, it is definitely best practice to use a Password Manager.
      Password Managers allow you to keep track of your passwords without having to remember them. 
      Password Managers like Keeper also work very well in a team environment, with team vaults that everybody shares (for example, your suppliers) and personal vaults that the team can't use (for example, your bank).

      The advantages of a password manager are: 


      • A password manager can generate for you long, complex, unique passwords across different sites and services 

      • A password manager reduces the need to remember your passwords 

      • A password manager is good at spotting fake websites, so they can alert you to a potential phishing attack 

      • A password manager can generate new passwords whenever you need to update your credentials

      • A password manager can sync your passwords across all your devices, so you’ll have them with you regardless of what device you are using to login.

      • A good quality password manager is a safe, trustworthy and highly recommended security tool.  Known trustworthy tools such as Keeper can be trusted to protect your account logins.


      Keeper is a paid password manager service for an individual or family; however, if you want to protect your business, you need Keeper Business. CT Business Solutions or an ITA member can help you specifically with this.

        In conclusion:


        Having MFA or 2FA is essential these days, and so is having decent and unique passwords. For practical reasons you need to have a business password solution in place to ensure your team are password secure.
        Here at CT and the ITA, we can help you to simplify this process, and provide you with support to easily and effortlessly apply these tips. If you would like to discuss your specific needs, please feel free to reach out to us here.

        This article was kindly written by our IT Alliance colleague Victoria McNoe from Decision1 in Dunedin.
        IT Alliance Members:

        CT Business Solutions - Hamilton
        @Computer - Northland
        Technology Partners - Tauranga
        Vision Lab - Te Puke
        AdvancedIT - Rotorua
        BlackSANZ - New Plymouth
        GTB - Kapiti, Wellington
        Decision1 IT Solutions - Dunedin
        IT Centre - Wanaka
        Voicecom - Invercargill
        IT Alliance Website





