A strong password is not enough Email
Written by Colorado Green NOW   
Tuesday, October 26, 2021 04:00 AM

Colorado Green Now

These days, having a strong password isn’t enough. It’s still important to come up with a strong, not-easy-to-guess password (please don’t tell us you are still using password123 or your dog’s name!) and to change it regularly. Yes, it’s inconvenient, but passwords can be uncovered by scammers. So what more can be done to protect your online assets? Enter multifactor authentication.

Multifactor authentiWHAT?
It’s a mouthful to say, but the premise is simple. Multifactor authentication (we’ll call it MFA from now on) adds another step to the process of accessing your data or online account. Usually, two factors are involved. Factors are types of evidence that you are authorized to access the data. If someone steals one factor, they still need to provide a second factor before access is granted. Wikipedia offers the excellent example of an ATM. You need both a bank card (factor 1) and a PIN (factor 2) in order to see your account information or withdraw money.

Using MFA for email access
Most email providers allow for MFA. If you use a cloud service, you should enable MFA for that as well. Many are beginning to require it. In many cases, the user must link a phone number to the email account. When logging in, a user must provide a password, then enter a time-sensitive code—often sent via text message—in order to complete the login process.

Why is MFA so important?
Many criminals aim for the low-hanging fruit. If you only have one way to access your accounts or data, that’s just one layer of protection. If they can uncover that layer by stealing a password, stealing your data or scamming your contacts can be easy. Adding just one additional step makes it harder for thieves to get to your information.

Talk with your IT department or your email service provider to learn how to enable MFA for your team.

Further reading: Why It's Smart to Use Authentication Apps for Multifactor Security (Consumer Reports)

Read more in this issue of Colorado Green Now:
Ransomware becoming the #1 online threat to small businesses
What is phishing?
Be on the lookout for email spoofing
October is Cybersecurity Awareness Month