
Multi-factor authentication

Multi-Factor Authentication (MFA) is a multi-step login process that provides an extra layer of security by requiring an additional factor (or factors) to be provided in the authentication process. Usually, this is done by requesting both something a user knows, such as a password, and something the user has, such as a keycard or a mobile device.

Historically, passwords have been the most common first factor, but they are increasingly inadequate and easy to compromise. Because of password reuse, relying solely on a password means another organization’s security breach can become your problem. With MFA, accounts can be kept secure even when a user’s password is compromised. An account with the password of "password" may be more secure, if MFA is used, than an account with a complicated password that is compromised. MFA is therefore one of the best “bang for your buck” ways to increase the security of your systems.

  • Threat model and identify where MFA is necessary, beneficial, or unnecessary

  • Identify how MFA will impact your current systems

  • Identify how MFA will be implemented in your current systems

  • Identify the best second-factor for your organization and each specific use-case

  • Survey different 2FA (two-factor authentication) implementation platforms and vendors

  • Create guidelines and educate your employees on 2FA, its purpose, and how it should be used

  • Implement your MFA solution
