How much do you REALLY know about online security?

Why you should always use multi-factor authentication in security systems

by Samuel Hayes

For those of you who are unfamiliar with the term, multi-factor authentication (MFA) is a method of access control whereby a person must provide at least two disparate pieces of evidence to unlock an authentication mechanism — this is usually categorised into three categories, although it is fairly common for multi-factor systems to employ a single category. The three categories are as follows: knowledge (something they know), inherence (something they are), and possession (something they have). For example, a typical form of two-factor authentication could be a keypad with a 6-digit access code (knowledge), and a fingerprint scanner (something the are). Additionally, if a security system wanted to go Get Smart with its security, adding a keycard into the equation would result in three-factor authentication.

While it's tempting to re-enact the Get Smart intro, there comes a point when adding extra layers of authentication has diminished returns. Unless you're operating a nuclear arsenal or a main vault, two- or three-factor authentication is sufficient. Another interesting element to consider is knowledge insofar as knowing where a valuable asset is located (or that it exists in the first place). A cliched example of this would be a secret bookshelf that contains a secret room. A more practical example of this might be containing your money inside something that seemingly has little to no perceived value; for example, an old food tin with a false bottom on it.

While it's true that many people think of security systems as control rooms and closed-circuit television cameras (and they'd be correct to), this is really only half the picture. Such security measures are primarily used to dissuade would-be criminals from intruding. Although they can be used to intercede any criminal activity, they do not directly impede a person's progress; the barrier is typically more indirect in nature. Also, gone are the days when having just a swipe card or passcode alone is good enough. Remember that there is no truly infallible authentication mechanism; even massive passwords — including 16-character codes that are essentially random — can be cracked within an hour when given good hardware and algorithms. Moreover, such rudimentary defences can be countered by man-in-the-middle attacks or some other form of trickery.

By combining multi-factor authentication in your security systems, you make your defences exponentially more secure. In 21st century life, knowledge is power more than it has ever been, and keeping your personal and business data protected is more crucial than it has ever been.

Share