Impossible travel, MFA and making passwords easier
Small business cyber security risks, part 3: In my last blog we discussed passwords, including their major shortcomings . In this next blog we'll dive a little further into passwords, particularly in a work environment, but firstly we'll discuss one of the most common mitigating controls for many of the shortcomings of passwords: multi factor authentication (MFA) . You'll almost certainly have used a form of multi factor authentication before, most likely your financial institution will send you a prompt on your phone or perhaps an SMS when transferring funds. The usual form of MFA is the concept that you’re using something you know (your password) and something you have (which is the SMS, or the mobile phone prompt), although there’s a little more to it which we’ll discuss later in this blog. It’s far more difficult for the attacker to get hold of both of those things at once to impersonate you and carry out financial transactions on your behalf. Not impossible, but very u...