With all the recent international hacking incidents, we thought it’d be a good idea to focus this edition of the Tree Ring Digital blog on the idea of “cyber hygiene,” particularly the use of “multi-factor” or “two-factor” authentication (sometimes called 2FA) mechanisms. 

What is Multi-Factor Authentication? 

From Wikipedia: 

“Multi-factor authentication (MFA; encompassing two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). MFA protects the user from an unknown person trying to access their data such as personal ID details or financial assets.” 

 

Let’s say you’re locked out of something. Not a “real” thing, like your house or your car, but something that may actually be more potentially consequential – a digital account. You’re locked out because you forgot your password, and the account needs to make sure you’re really you.  In an attempt to verify your identity, the resource may require a second factor, like a user-controlled password with a one-time password (OTP) that is sent to your phone or email. 

I Own a Small Business, Not a Huge Corporation. Is this Necessary for Me? 

Unfortunately, it is. Volumes can be and have been written on the motivation of hackers, but suffice it to say, hoping they don’t notice you isn’t a strategy. There doesn’t have to be a reason for a hacker to attempt to hack your account – your existence makes you a target. Tree Ring Digital’s WordPress Developer Rebel Kline puts it this way: “Everyone needs to understand that when it comes to security – BE SECURE and not sorry! Make things a major pain so a hacker picks on the lower-hanging fruit.”

Let Tree Ring Digital Help

In summary, two-factor authentication can definitely be annoying, but it’s a necessary step to keeping your data (which amounts to absolutely everything in today’s world) safe. As Kline says, “A password is not secure all by itself. It needs a system to lean on.”  

 

We know you’re not an expert in web development or cybersecurity, so Tree Ring Digital offers website maintenance services to help make sure your website stays safe while you focus on your business. Want to learn more? Call us at 303-218-5287 to find out how we can help!