Skip to contentSkip to Main Site NavigationSkip to Site Left NavigationSkip to Site Utility NavigationSkip to Site SearchSkip to FooterDownload Adobe Reader
Print

MFA Information

 

What is MFA (Multi-factor Authentication)?

MFA is quite simple, and organizations are focusing more than ever on creating a smooth user experience. In fact, you probably already use it in some form. For example, you’ve used MFA if you’ve:

  • Swiped your bank card at the ATM and then entered your PIN (personal ID number).
  • Logged into a website (such as Workday) that sent a numeric code to your phone, which you then entered to gain access to your account.

MFA, sometimes referred to as two-factor authentication or 2FA, is a security enhancement that allows you to present two pieces of evidence – your credentials – when logging in to an account. Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). Your credentials must come from two different categories to enhance security – so entering two different passwords would not be considered multi-factor.

So look at a simple scenario: logging in to your bank account. If you’ve turned on MFA or your bank turned it on for you, things will go a little differently. First and most typically, you’ll type in your username and password. Then, as a second factor, you’ll use an authenticator app, which will generate a one-time code that you enter on the next screen. Then you’re logged in – that’s it!

In most cases it’s even easier than that. Most MFA approaches will remember a device. So if you come back using the same phone or computer, the site remembers your device as the second factor. Between device recognition and analytics the bank is likely performing—such as whether you’re logging in 20 minutes later from halfway around the world—most of the time the only ones that have to do any extra work are those trying to break into your account.

So what’s the big deal?

MFA helps protect you by adding an additional layer of security, making it harder for bad guys to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone. You would definitely notice if your phone went missing, so you’d report it before a thief could use it to log in. Plus, your phone should be locked, requiring a PIN or fingerprint to unlock, rendering it even less useful if someone wants to use your MFA credentials.

MFA article provided courtesy of US Government site resource: https://www.nist.gov/itl/applied-cybersecurity/tig/back-basics-multi-factor-authentication

District Documentation

Last Updated: 01/26/2021

A Member of the Grossmont-Cuyamaca Community College District