What You Need to Know About Implementing Multi-Factor Authentication
| February 6, 2020Multi-Factor Authentication is one of the most secure cyber solutions available to organizations, applications, and users today. Some applications require MFA in order to access features and services, and many more offer it as an additional security option that users can choose to enable.
There are a variety of ways to implement MFA through popular applications that work for personal use and businesses. Learn more about some of the most popular modern-day MFA applications available, and how you can use MFA to secure and protect your networks and users.
Top MFA Applications that Protect Users, Applications, and Networks
Duo Push
Duo Push is a popular two-factor authentication (2FA) method because it is known for being reliable, straightforward, and simple. Users download the Duo Mobile app. Then they are automatically prompted to confirm each login attempt with a single tap via a U2F USB security key device or by using a built-in biometric authenticator, such as TouchID, via WebAuthn.
Duo Push also accommodates more traditional 2FA controls. Users can confirm their identity using a secure passcode generated by a physical token, a mobile device, or a network administrator.
Google Authenticator
Through 2-Step Verification, Google Authenticator provides enhanced security for Google accounts by requiring a second verification when you sign in from a new device, or after multiple incorrect login attempts have been made. In addition to a password, users need a code generated by the Google Authenticator app, which is sent directly to a mobile phone via text.
OneLogin
OneLogin provides a seamless, simple, and integrated user experience for MFA, through OneLogin Protect. Instead of requiring entry codes that time-out after a certain period, a user presses a button and is automatically signed in. This process eliminates the need for those using various services in the Cloud to manage multiple OTP authenticators on their iOS or Android mobile devices.
Setting Up and Signing Into Your MFA Application
After you have installed your chosen app, you will need to sign-in to each service you will use MFA.
- Open your MFA app on your smartphone and press the “+” or “Add” button
- Login to the service on your computer (such as Facebook, Twitter, your personal bank account, etc.)
- Locate the service’s security settings
- Turn on MFA or 2FA (depending on how your service names this feature)
- Choose to use a third-party authentication app as your primary security method
- At this point, your service should show a QR code that you can scan using your MFA app on your smartphone, or show a code that you can enter for manual verification
- Verify that your security method was added successfully by seeing the service listed in your MFA app
- Set up your contact info for secondary security method in case your primary method is unavailable
- Repeat these steps for each additional service you wish to have protected by MFA
If you chose a more manual method of verification using a call, text, email, physical codes, or others, follow these steps to enable MFA:
- Login to the service (Facebook, Twitter, your personal bank account, etc.)
- Find your security settings
- Turn on MFA or 2FA (depending on how your service names this feature)
- Enter your contact information where you would like to receive your codes, or print physical codes/backup codes
- Repeat these steps for each additional service you wish to have protected by MFA
Now your personal applications are protected by MFA!
How can I protect my company with MFA?
In the case of enterprise-level MFA, initial set up is more involved than setting up MFA for personal applications. It’s worth the time and effort in implementing Multi-Factor Authentication, though. With MFA, you will significantly reduce your business’s risk of data breaches and increase your business’ online security.
While some identity and access management systems have native MFA support that you can enable from the admin console, not every system provides this tool by default. In this case, you will need to leverage a third-party tool that will integrate with your environment to increase security. Even if your environment does support MFA, adding a third-party tool can help you get the most out of MFA.
Concensus recommends evaluating these enterprise-level Multi-Factor Authentication tools to bring MFA to your business applications:
Identity Automation’s RapidIdentity MFA delivers an extra layer of protection across all access entry points. This includes Active Directory, offline desktop, on-premise applications, Cloud applications, employee and customer portals, and remote access using VPN, as well as other technologies. You can implement context-based policies that govern which multi-factor authentication method is actually needed—based on criteria, such as time of day, location, and network device settings. Users can even choose from a variety of authentication methods, like cell phone-based soft tokens, one-time passwords, and biometrics, to best fit their situation and needs.
MicroFocus’s NetIQ Advanced Authentication is an intelligent, flexible, Multi-Factor Authentication framework built for your business’s ever-changing needs. Advanced authentication gives organizations the flexibility they need to tailor the security and the user experience to the necessary level of authentication. Your organization likely has a variety of techniques that are already used for protection, any number and combinations of ID’s and passwords, building access badges, challenge-response phrases, and PINs. All of these techniques serve basic access needs. Advanced Authentication framework adds the strong level of authentication (MFA or 2-Factor) you require to meet regulatory, industry, and client forces.
In our latest eBook, we explain everything you need to know about MFA and how you can adopt this necessary security measure into your own business. Download our eBook here.