Did you know that you can prevent 99% of account attacks by using multi-factor authentication (MFA)? MFA also known as two factor authentication is one of the most important security measures you can take.
99.9% of account attacks are prevented by using MFA according to Microsoft Security.
– Melanie Maynes Senior Product Marketing Manager, Microsoft Security
What is it? Typically you login to an application by using a username and password. Multi-factor authentication requires an additional form of authentication on top of a password. The following are two factor options:
- Authenticator application such as Google Authenticator
- Fingerprint or Facial Recognition
- Send an alert to another device
- X.509 Certificate, this is advanced, but you can check out more info below
Avoid these Two factor Options
- SMS – Mobile phone to be texted, but is not recommended due to SIM swap security concerns
- Questions that you remember the answers, the only problem is these can be stolen in data breaches and then a hacker could reset your password or it could be common info such as where you went to high school that could easily be found on Facebook
X.509 Certificates
For example, it could be a public/private key pair or an X.509 certificate which is your public key signed by a Certification Authority aka Certificate Server or self-signed. The public key or certificate can be readily shared with others, but the private key should always be securely generated on your local machine and securely stored on your local laptop in a secure keystore. You don’t want to use self-signed certificates because they aren’t considered secure. The reason is you need a trusted Certification Authority Server to digitally sign the public key and link specific information ie domain to the key. You can think of it like getting your driver’s license. If you create your own license, how trustworthy is it? If you go to your local government office and get an official driver’s license then it is considered to be trustworthy.
Learn More About TrustedCISO
Click here to learn more about TrustedCISO: https://trustedciso.com/trusted-ciso/
To learn more about what a vCISO is click here: https://trustedciso.com/what-is-a-vciso/
Contact TrustedCISO to learn how we can advise your company on compliance and lowering your cybersecurity risk.
