How to Fix the Big Problems With Two-Factor and Multifactor Authentication


Getting a second opinion is a great idea in both medicine and end-user cybersecurity. Two-factor authentication (2FA) and multifactor authentication (MFA) are powerful tools in the fight against all kinds of cyberattacks that involve end-user devices and internet-based services.


There’s just one big problem: it’s far, far too common for people to use text messaging as the second factor. That turns phone numbers into digital identity devices — a role they are poorly designed to play. If someone loses a smartphone or has it stolen or taken from them, they also lose their access to authentication. Worse, the attacker can transfer the phone number to another person, who will now receive authentication requests. Here’s what to do about the 2FA and MFA phone problem. 


How Two-Factor and Multifactor Authentication Work


Both of these precautions work by using more than one ‘authentication factor.’ A factor can be something the user knows, something the user has or something the user is (like a fingerprint).


One of the most common combinations is a username and password (something the user knows), plus a message, link or code sent to the user’s smartphone (something the user has) via text messaging.


But there are others. Authentication factors can be a PIN code, an item of personal trivia (mother’s maiden name, for example), a key fob, your face or many others.


Multifactor Authentication in Real Life


It plays out a million times a day. A user forgets a password, or chooses to change it. Or they visit a website from a different location than normal, or with a different device or on a site that check ..
