• What is Multi Factor Authentication (MFA)

    MFA, short for Multi-Factor Authentication, is a security measure that adds an additional layer of protection to user accounts. It requires users to provide multiple forms of authentication to verify their identities, such as passwords, confirmation codes from another device, physical devices such as USB keys, or biometrics like face or fingerprint recognition.

    Combining several factors, MFA significantly enhances security and makes unauthorized access more challenging. It is commonly used in online services, banking systems, and to access business IT systems.

    For example, if a hacker has your email address, they just need to obtain your password, and they have several ways to easily obtain this, such as, through trickery easily or forcing it using a computer to guess millions of passwords at a time.

    1. Email address
    2. Password
      = EASY TO BREACH

    OR

    1. Email address
    2. Password
    3. Code from your phone or another of the above factors
      = Much harder to breach

    For more guidance please see the following:

    Users: Setting up 2-Step Verification (2SV) – NCSC.GOV.UK
    Owner/Decision Maker: Multi-factor authentication for online services – NCSC.GOV.UK

    Other layers of security that help prevent breaches are: Long Passphrases, Training users to be aware of tricks to give out their password, and setting user accounts to lockout after several failed password attempts.