Multi-Factor Authentication is a way to authenticate user sign-ins by adding an additional layer of security to a standard username and password login. By adding this additional layer, users can be safeguarded against potential database attacks. If an attacker manages to obtain user passwords, they are useless unless the attacker also has access to the devices linked to the Multi-Factor Authentication account.

Microsoft has released their own two-step verification solution called Azure Multi-Factor Authentication, which works exclusively with Office 365 applications at no extra cost. It is a simple solution that only adds a few more seconds to the user sign-in process. Verification methods range from a phone call, text message, via mobile app notification, mobile app verification code or even third party OATH tokens.

Azure Multi-Factor Authentication can be set up in just a few simple clicks and allows users to manage their own devices. It is also scalable, reliable and provides constant protection using the highest industry standards. When a user attempts to sign in to their Office 365 account with their username and password, an additional verification is sent to them. If they are unable to complete this second step, they will be unable to sign in.

The three most common authentication factor categories are:

  • The Knowledge Factor – something you know, such as a password
  • The Possession Factor – something you have, such as a smartphone
  • The Inherence Factor – something you are, such as fingerprints

With more and more database breaches being reported each year, password-based security is no longer a suitable option for any business dealing with sensitive information. Adding Multi-Factor Authentication to your applications and resources is one of the best ways to prevent unauthorised users accessing your data.

If you would like to discuss how we can help you with setting up Multi-Factor Authentication, please contact us.

Hayden McMaster