How do you prove who you say you are? We call that authentication. Multifactor authentication uses multiple sources to verify your idenitity. 12 Virtues Consulting recommends two factor authention (2FA) for most clients. For large organizations, single sign on (SSO) provides more visibility into the security surrounding authentication.
The 3 Most Common Factors of Authentication
Something you know
Something you have
Something you are
What does NIST recommend?
Multifactor authentication can be the last line of defense if your password is compromised. You should use a strong password and a password manager to avoid using the same password everywhere. Once a hacker compromises one password, they can try that password on other online authentication portals.
Short Message Service (SMS) 2FA is a common form of extra authentication. There are a few issues with SMS.
- Messages can be intercepted and recorded.
- Social engineering can allow malicious actors to trick your phone company to give them access.
- SMS is more public than most people think.
If you would like to read more about the issues of using SMS verification there are many useful links in this security Stack Exhange question.
How do we protect your website?
Your website will have two factor authentication setup if your decide that you want to login to your site. 12 Virtues Consulting developers access your site using 2FA. Let us know if you have any questions.