Why Multi-factor Authentication (MFA)?

In Today's world, Remote Workers are the new Normal

Work anywhere, anytime - this axiom had employees connecting to corporate networks via web and cloud apps, as well as remote access services like Virtual Private Networks (VPN) and Remote Desktop Protocol (RDP) to do their jobs. And in early 2020, the need for remote access exploded as organizations initiated work-from-home policies amid a global pandemic.

But remote access at this level brings new challenges. There are threats to users - like phishing, brute-force attacks and, password-stealing malware. Devices are also targeted by exploit kits and known vulnerabilities affecting out-of-date software. VPN, RDP, and cloud and web app access are also targets of malicious hackers.

What is Multi-Factor Authentication (MFA)?

An Additional level of Security

Multi-Factor Authentication (MFA) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism

The Building Blocks of Authentication

• Knowledge: Something you know. Like a password or a PIN or the answer to a secret question.
• Possession: Something you own. Like a key to a lock or a card reader or a token or a cell phone that receives a verification code.
• Inherent: Something you are. Like a fingerprint or face/voice/iris recognition
• Location: Where you are located. An IP address or confirmed GPS location.

Any one of these items can be used to authenticate an individual and grant access.

Different Types of MFA

Typically, MFA systems rely on at least one of the following approaches. 

• U2F (Universal Second Factor) devices: Similar to tokens, these are small physical devices used purely to verify logins. They are designed to fit into USB slots and when a user enters their password on a computer it prompts them to tap the U2F device to gain access. These are easy to use but they take up an all-important USB port on your machine.
• Authentication Apps: This is the most basic approach:  Smartphone apps that handle the second-factor approval process. These apps use internet connectivity which is more secure than using phone lines.
• Passcodes: The most common form of MFA. They usually consist of a short string of numbers sent usually by text, to a smartphone. These are different from your Authentication apps because they use phone lines (text) which are less secure. They can be a bother because you have to manually enter the string of numbers to gain access.
• Tokens: Small keychain fobs that generate codes for users to enter as their second factor. They are more secure than phone line delivered codes but you still have to enter the string of numbers. And maybe worse, you can't copy and paste. While they are affordable, they do run on batteries that will need to be replaced and it's tough to predict when the batteries will fail.
• Phone callbacks: The user receives an automated phone call that prompts them to approve or deny the access request. While effective, it's more time-consuming than the other methods of MFA.
• TOTP: Time-based One-Time Passcodes or TOTP.  Similar to passcodes but instead of the service sending a series of numbers, the app generates a one-time-use passcode that will quickly expire. You can still use your smartphone authenticator app and no unsecured phone lines are involved.

Multi-Factor Authentication (MFA)

Quick and Easy Installation

Unetek MFA makes two-factor authentication easy for both administrators and users. Unetek MFA provides an easy-to-use, secure mobile authentication app for quick, push notification-based approval to verify your user’s identity with a smartphone, smartwatch, and U2F token support. Or, choose from a variety of other supported authentication methods to fit every user’s needs.

Two-factor authentication (2FA) establishes trust in users’ identities and protects every user with a reliable, easy-to-use experience. Traditional 2FA can take months to deploy, requires professional services, and drives up the total cost of ownership with ongoing management. Unetek MFA delivers speed-to-security and lowers costs with faster, cloud-based deployment, as well as simplified authentication for users and admins with quick, push notification-based approvals with support for smartphones, smartwatches, and U2F tokens.