Verify it’s you!
Have you ever been on a website, and when you log in, it texts you a code you have to type in for “verification”? Of course you have, we all have. By this time, in the year 2020, it’s pretty common.
This process is called “Two-Factor Authentication,” which is the idea that you need two pieces of identification in order to log into an account. Your password is one piece of identification. Your phone number (verified with a text message) is another. An authenticator app is yet another.
There is also a more advanced version of Two-Factor Authentication, called “Multi-Factor Authentication,” which does not limit you to just two pieces of authentication. With Multi-Factor Authentication, you can have as many as you want, such as a password, a text message, and a fingerprint, all at once. However, for most people, Two-Factor Authentication is plenty.
When a website texts you a code, it is using Two-Factor Authentication.
Websites force you to do it, but no one ever tells you why. It’s a more annoying login process, with more steps, so why should we do it?
Let’s talk about why.
According to Microsoft, “…you are 1000x less likely to get compromised if you have text message verification.”
Microsoft’s source for this data is from compromised accounts across all Microsoft 365 accounts globally. Of all of the compromised accounts, 99.9% do not use two-factor authentication.
According to Microsoft, this one simple change moves your account from the 99.9% low-hanging fruit, to the 0.1% of all accounts that rarely get compromised. All with just one change.
If you aren’t sure how to implement Two-Factor Authentication in your own environment, reach out to us, we’d be happy to help!