What is Multi-Factor Authentication:
The term multi-factor authentication sounds very technical and probably a bit overwhelming.
But essentially it means “verifying who you are in two or more ways”. It used to be referred
to as ‘two-factor authentication’, but it was changed to multi-factor authentication to reflect
the idea that you might be required to provide more than just two pieces of information to
prove your identity.
Techie Term:
Multi-factor authentication is a strategy through which online companies verify you are you
and not someone pretending to be you. This is done by proving your identity in two or more
ways.
Use of multi-factor authentication is becoming more and more common in today’s society, as
company’s seek ways to combat identity theft, data loss, and unwanted expenses due to
reimbursements to consumers.
Multi-Factor Authentication Examples
Here are a few common examples of multi-factor authentication on websites:
1. The website will prompt you for your username on one page, and then your
password on a second page. This allows the website to perform two checks and
limits the amount of information it is exposing to the public (including to any
opportunistic hackers);
2. In conjunction with example #1 above, before asking for your password after
collecting your username, the website might display an image you chose and/or a
unique phrase that you chose during enrollment in their online service. This
allows you to verify that you did, in fact, enter your username correctly (and didn’t
‘fat-finger’ it), before proceeding with your password.
3. After entering your username, the website might send you a text message on
your mobile phone with a short authentication code. Then on the second page
where you are asked to enter your password, you will also be asked to enter the
authentication code that was just sent to you. This allows the website to reduce
the risk of a hacker impersonating you, because they’d also have to have your
mobile phone on hand. These authentication codes usually expire after five or ten
minutes.
Techie Term:
Fat-fingering happens when you enter information via a keyboard or touch screen and
unwittingly enter an incorrect letter or character.
Essentially, if a company says they use multi-factor authentication, you can feel more
comfortable that they take data security more seriously. And if they offer you a chance to use
multi-factor authentication, you should do so for your own protection.
Section Review
Action Items:
• Make use of multi-factor authentication whenever you can;
• Put more faith in companies that offer multi-factor authentication