Staying Safe Online with Multi-Factor Authentication

Since the recent Optus data-breach, cyber-security has been on all our minds. If you’ve been wondering how to protect your confidential information online from people who aren’t authorised to see it, a good method is by using multi-factor authentication.

What is multi-factor authentication?

It sounds complicated, but the concept is fairly simple. Instead of typing in one password to open your important online accounts, you need extra things, or ‘factors’, to confirm it’s really you.

Whether you call it multi-factor authentication, MFA, two-factor authentication or 2FA, it helps to prevent access by cybercriminals – even if they have your password.

“Having your password stolen is one of the biggest threats to someone being able to hack into your accounts,” says Digital Literacy Foundation’s Digital Director, Chris Olsen. “A simple trojan horse email or leaving your password written down on your desk, or even saved in your computer, can leave your personal details wide open to attack.”

“But multi-factor authentication is a sure way to keep your secrets safe,” he recommends.

Where and how would I use multi-factor authentication?

Multi-factor authentication can be used by businesses or individuals to secure accounts from email and banking to Facebook and Instagram.

Sometimes you need to set it up yourself. Other times, it’s required by the account provider, such as myGov.

To sign into myGov you’ll be asked to enter your username, password and then either a code sent by SMS, an answer to a secret question, or a code from an app.

The Australian Cyber Security Centre website categorises the additional things you might be asked for into these 3 main types:

  • Something you know, e.g. a PIN or password
  • Something you have, e.g. SMS, email, authenticator app or a physical token
  • Something you are, e.g. a fingerprint, iris scan or facial recognition

A familiar example is at ATMs, where you can only withdraw money with your card (something you have) and PIN (something you know).

What should I do now?

As the Optus hacking shows, cyber-attacks are becoming more sophisticated, daring and widespread.

But additional steps at log-in have been proven to increase account security. When the tech giant Google enrolled 150 million users into two-factor authentication at the end of 2021, it coincided with a 50% reduction in compromised accounts, according to comparitech studies.

So it makes sense to protect yourself this way.

Watch this space for our step-by-step ‘How to Guide’ for setting up multi-factor authentication to protect your accounts online, which is coming soon!