Protecting your online accounts is an essential part of life on the internet. This guide to multifactor authentication can help.

Data security is a top priority whether you are a CIO of a large company or an individual who wants to keep their emails private.

As cyber-threats evolve and change, a single password system just doesn’t make the safety grade any more. Many people use the same password for multiple accounts but we cannot be reliant on a single form of authentication in an increasingly threatening digital landscape, where phishing and other threats are lurking.

Enter multifactor authentication (MFA). From single-use codes to physical security keys, users and businesses need to navigate the options on offer. Siliconrepublic.com spoke to some experts to find out what’s best.

CTO of data protection at Gemalto, Jason Hart, said: “While this technology is still not a standard security process for all organisations, consumers are likely to have come across it, with Facebook, Google and Twitter being strong advocates of the technology to protect users from cyber-criminals [who partake in] brute-force cracking, phishing attacks, or simply guessing static passwords using information shared by the user online.”

This method of MFA is probably the least secure option, as hackers can exploit the underlying SS7 signalling protocol. Curran explained that this could “spoof a change to a user’s phone number, intercepting their calls or text messages”.

Bad actors can also use the tried and true social engineering method of “tricking IT support staff into assigning accounts to ‘dummy sim cards’, thus rendering this form of two-factor authentication [2FA] useless”.

To read the full article click here.