By Timo Papandreopoulos and Julie Goldstein. Passwords are the keys to most devices and almost everything you do online. Unfortunately, even the best passwords can get hacked, stolen, or unintentionally shared.
Fortunately, there is an easy way to add another layer of protection to make your login more secure, in addition to your username and password. This is called multi-factor authentication (MFA).
What is MFA?
Sometimes referred to as two-factor or two-step authentication, MFA is a security enhancement that requires you to present an additional piece of information beyond your username and password when logging into an account. This additional information usually is:
- something you have – like an app on your phone, a token, or smart card
- something you are – like your fingerprint or facial/speech recognition
Why use MFA?
Although stopping all online crime is not a realistic goal, simple steps can greatly reduce the likelihood you’ll be the next victim.
MFA makes it harder for bad guys to log in as if they were you. Even if they had your password, they would still need your phone or token – your second “factor” – to get in.
Turn on MFA today!
While two-factor authentication may seem like more work at first, it will make your accounts and personal information substantially more secure. Don’t wait until your accounts have been hacked. Lock down your login today and enjoy greater peace of mind.
You should use MFA whenever possible, especially for your most sensitive accounts – like your email, bank accounts, health records, and social media. While some organizations require you to use MFA, many offer it as an extra option that you can enable – but you must take the initiative to turn it on.
For more information, visit a list of websites that offer MFA along with step-by-step instructions for turning it on.
Make it a habit
For other effective cybersecurity habits, check out UC’s “Make It a Habit” webpage.
Timo Papandreopoulos was a student intern at the UC Office of the President, where Julie Golstein is a cyber-risk IT security analyst.