-
Estimated reading time
5 minKey points
- Multi-factor authentication (MFA) adds extra layers of security to help protect your accounts from cybercriminals.
- MFA usually involves using a combination of something you know (like a password), something you have (like a one-time code), and something you are (like a thumbprint) to log into your account, to confirm high-volume transactions, or do a password reset.
- All of your accounts should have MFA (if it’s an option) – setting it up now can give you extra layers of security and help protect you from cyber threats.
Gone are the days when having a single strong password was all you needed for account security. Today, having multiple layers of security is essential for strengthening protection of your accounts from cybercriminals.
Multi-factor authentication (MFA) is a method to ensure the authorised user is logging into an account. So, you might enter a password first, then follow that up with a one-time passcode sent to your phone. It’s a great way to give your important accounts, like your online banking or email, a security boost.
“MFA is such a simple and important step to set up,” says Sushma Bhandary, ANZ’s Journey Expert in Security Operations, Intel and Influence. “According to Entrepreneur, around 90% of employee passwords can be cracked in six hours,1 which highlights the importance of activating MFA for all your accounts.”
So, what else do you need to know about multi-factor authentication? Well, dive right in to learn all about how to add multiple layers of protection to your devices and accounts.
What is multi-factor authentication?
Multi-factor authentication is when you use more than one way to verify your identity when logging into an account or making a large transaction. It usually uses a combination of:
- Something you know, like a password or answer to a personal security question.
- Something you have, like a phone with a one-time code from a message or authenticator app.
- Something you are, like your voice or thumb print.
video
How does multi-factor authentication work?
When you have multi-factor authentication switched on, you will go through a series of steps to log in or access your account or app, such as your bank account, email, or when making purchases online. An example of MFA in action is making a significant transaction through your online bank account by logging in with your customer registration number (CRN) and password (layer one), then approving the transaction with a one-time passcode sent to your phone (layer two) or a biometric (like your fingerprint). These extra steps can help protect your money by ensuring that it’s you who’s performing the transaction instead of a cybercriminal.
Why is multi-factor authentication important?
Multi-factor authentication makes it harder for cybercriminals to access your data and accounts. Once activated, even if a cybercriminal managed to guess your password, they might not be able to access anything without that second layer of protection, such as your unique code or fingerprint.
“Using MFA for all your accounts may provide enhanced security and protection against password breaches,” Sushma says. “It’s also a convenient and flexible security solution, as you can choose which additional layers of security you want – like a one-time passcode, biometrics and so on.”
If you’ve ever wondered how to activate MFA, the process is quite simple. Visit the privacy settings of the app or account and look for the option to activate multi-factor authentication. You might even be prompted to do it when you first sign up for the service.
Which accounts should have multi-factor authentication?
The short answer – all of them! There’s no harm in activating multi-factor authentication on all your accounts and apps for that extra protection. But there’s one important account where everyone needs MFA activated.
“When you think about it, every time you need to reset your password you’re asked for your email address, which makes it one of the most important accounts that cybercriminals will target,” Sushma explains. “Your email is usually linked to so many other accounts, such as social media, online shopping, and banking. It should be the first account where you activate MFA.”
So, make a list of all the accounts that you might have, and see if you can activate MFA on all of them – especially your email. That one extra step you take now can help protect your accounts and data in the future.
10 simple ways to protect your accounts and be safe online
- Activate MFA whenever and wherever it’s offered, whether it’s for your online banking, grocery shopping, or social media.
- Use different unique and strong passwords or personal identification numbers (PIN) for different accounts. For example, use two different passwords for your banking and email accounts.
- Use different types of MFA for different accounts, for example, for your banking account, use a password combined with a fingerprint scan. For your email, use a password and a one-time passcode sent to your phone. Make sure you review these settings regularly.
- Consider using a password manager. Some web browsers have these built into them that can generate secure passwords and store them for you when you sign up for a new account. Alternatively, you can research different password manager applications to find a tool that’s right for you.
- Make your phone more secure with an automatic screen lock, a passcode or biometric detection (like a fingerprint or face scan). Some phones might let you have a combination of these for added security.
- Some accounts might generate backup one-time codes for MFA or signing in, depending on the app or account. Store these somewhere safe where only you can access them.
- Be wary of any requests for MFA resets or authorisations that come through unexpectedly. By following through with the reset, you might risk compromising your account.
- Pause before you share personal information. Take the time to consider if you actually need to give out your personal information or not.
- Call out any suspicious messages and report them. If you see something suspicious, chances are it’s a scammer who wants your information or money (or both!).
- Turn on automatic software updates to help keep your devices safe and secure. This will give you access to the latest security features automatically.
- Multi-factor authentication (MFA) adds extra layers of security to help protect your accounts from cybercriminals.
Fraud protection.
Now it’s personal.
ANZ Falcon® technology monitors millions of transactions every day to help keep you safe from fraud.
Falcon® is a registered trademark of Fair Isaac Corporation.