What is Multi-Factor Authentication?
Multi-Factor Authentication (MFA) refers to an additional layer of security added to the login process. MFA relies on two forms of authentication: something you know and something you have with you. The something you know is your password. The something you have with you can be a mobile device or hardware token. This means that even if your password is hacked, your account will remain secure.
Why use multi-factor authentication?
Multi-factor authentication has a lot of advantages. Below are some of the reasons why you should be using MFA:
- Secure your accounts and data against hackers
- Mitigate the risks of poor password practices
- Increase employee productivity and flexibility
- It’s fast and easy to implement
- Step up or down risk-based MFA depending on the context of the authentication
- Stay compliant with specific regulations.
What are the benefits of multi-factor authentication?
Multi-factor authentication has a lot of benefits. Some of them are:
- It provides more layers of security for your account and data
- It protects against attacks due to stolen/phished passwords
- Decreases the risk of poor password behavior like password reuse
- It helps you meet regulatory requirements
- It works well with single sign-on (SSO) solutions
Why is multi-factor authentication better than a strong password changed regularly?
Multi-factor authentication is better than a strong password changed regularly because even a strong password can be stolen through social engineering. Hackers have a wide variety of ways to steal credentials regardless of the strength of the password itself. With MFA, a hacker would still not have access to a user’s account due to the protection of the second factor.
What kind of attack does multi-factor authentication prevent?
Multi-factor authentication can help prevent some of the most common and successful types of cyberattacks, including automated credential stuffing, brute force and reverse brute force attacks, and man-in-the-middle attacks. It also limits the impact of phishing since a stolen or guessed password alone is insufficient for a hacker to gain access.
How effective is MFA?
Multi-factor authentication effectively prevents any attack that involves a bad actor obtaining or guessing the user’s credentials. According to Google, MFA via on-device prompts blocks 99% of bulk phishing attacks and 90% of targeted attacks.
How often do I have to re-authenticate?
Your organization will work with our engineering team at Intelice to find the right timing for your organization.
How do I enroll in MFA?
Enrolling in MFA is very simple! Reach out to your account manager to be put on our implementation schedule. Remember, Intelice is offering this at absolutely zero cost to you. We know this is the quickest and most cost-effective way to begin securing your organization, users, and data.
What are my authentication options?
You will choose a primary authentication method when you register, which you can change or update at any time. Current options are outlined below:
- Mobile Notification (Microsoft Authenticator Required): A push notification is sent to the authenticator app on your smartphone, asking you to authenticate your login.
- Verification Code (Microsoft Authenticator Required): The Mobile Microsoft Authenticator app will generate a verification code that updates every 30 seconds. You will be asked to enter the most current verification code on the sign-in screen.
- Text Messages: A text message with a 6-digit code is sent to the mobile device that you will input to complete the authentication process
- Phone Calls: A call is placed to your mobile phone asking you to verify you are signing in. Press the # key to complete the authentication process
How do I set up the Microsoft Authenticator App on my phone?
Our implementation team will guide you through that process, but feel free to watch Microsoft’s How to register for Azure Multi-Factor Authentication if you are curious. If you have questions regarding the Authenticator App, feel free to refer to Microsoft’s Authenticator page, and as always, if you’re stuck, contact our service desk for the support you need.
What if I forget my phone at home?
If you forget your mobile device at home, you can use your backup authentication method. If that doesn’t solve the problem, please contact our service desk.
What if I experience issues with MFA?
Intelice is always here to help you through any IT challenge you face. Our service desk is available to you for anything you may be stuck on. Reach out to us at any time.
What data does the Authenticator store on my behalf, and how can I delete it?
The Authenticator app collects three types of information:
- Account info you provide when you add your account. This data can be removed by removing your account.
- Diagnostic log data stays only in the app until you Send feedback in the app’s top menu to send logs to Microsoft. These logs can contain personal data such as email addresses, server addresses, or IP addresses. They also can have device data such as device name and operating system version. Any personal data collected is limited to info needed to help troubleshoot app issues. You can browse these log files in the app at any time to see the information being gathered. If you send your log files, the Authentication app engineers will use them only to troubleshoot customer-reported issues.
- Non-personally identifiable usage data, such as “started add account flow/successfully added account,” or “notification approved. “This data is an integral part of our engineering decisions. Your usage helps us determine where we can improve the apps in ways that are important to you. You see a notification of this data collection when you use the app for the first time. It informs you that it can be turned off on the app’s Settings page. You can turn this setting on or off at any time.