September marks the one year anniversary of the Equifax hacking, the largest hacking ever recorded. While the details still aren’t fully known, we do know that at least 146 million Americans were affected in some capacity. Full names, Social Security numbers, and even credit card numbers and expiration dates were exposed in the attack. Today, unfortunately, hackers are not slowing down and are even trying to take over our robots.
This is not to say, though, that banks, corporations, and agencies don’t have tools of their own to prevent hackers from accessing your information. One of the best online security practices for online accounts is called multi-factor authentication (MFA). Let’s say, for example, that you have an online account for personal banking. If your bank doesn’t use MFA, we would highly suggest that you get a new bank as your money and data could be at risk.
What Is MFA?
In order for a bank’s system to verify that it’s you, authentication factors are often used. While there are many different categories of authentication factors, the three most common include the following:
A knowledge authentication factor: This refers to information only the user should know, like a username and a password. This is the most common authentication factor. Unfortunately, it is also the only one used in way too many systems.
A possession authentication factor: Some systems will require a security token or the software taken from the mobile phone used to access the system to verify the user’s credentials.
An inheritance factor: The third authentication factor requires an identifiable biometric characteristic to prove the user is who they say they are. An inheritance factor could include a fingerprint test, voice reading, or eye scan.
As already stated, many banks and other organizations only need a knowledge authentication factor for verification. This is known as single-factor authentication (SFA). It’s been proven time and time again that SFA is not enough to prevent hackers from accessing accounts. However, we have also found that most MFAs verify the password first, which, again is problematic.
Why is TruGrid MFA more Secure?
TruGrid’s MFA is different than most because it verifies the security token first. In so doing, it makes it practically impossible for attackers to test weak or stolen passwords against systems protected by TruGrid. TruGrid features built-in two-factor authentication, identity management risk monitoring, and other advanced security measures to ensure our clients’ workspaces stay safe.