However, the realistic goal is not to stop all online crime but to take steps to reduce the risk of you becoming the next victim. So to enhance the security of the sign-in process, multi-factor authentication (MFA) is used to add some form of access control in which a user is given access after successfully presenting separate pieces of evidence to a verification mechanism - typically at least two of the following three categories:
- Knowledge - something you know (PIN or password)
- Possession - something you have (key or smart card)
- Inherence - something you are (your face, voice, or your fingerprint)
Because when utilising MFA, even if a hacker acquires your username and password, the threat actor won’t be able to obtain your MFA code unless a complicated attack is carried out, like swapping your SIM card or decrypting your connection to the website.
MFA solutions are:
- Relatively inexpensive
- Extremely easy to deploy
- Simple but effective means of protection
There are a variety of MFA methods available - each with its own restrictions,
challenges, and weaknesses. One of the popular MFA methods is one-time passwords (OTPs). This is where the user, for example, receives an SMS with a unique code that has to be entered before access is granted. Nevertheless, major breaches in recent years have made it clear that SMS OTPs are susceptible to SIM Swap fraud and SS7 attacks. Whereas a physical security device, like a smart card or USB security key, has been proven to be a vastly efficient way to boost your security.
What is a USB security key, and how do you use it?A USB or portable security key is a small device that connects to a device by means of USB or even NFC. And unlike other authenticator apps, where you have to copy and paste lengthy codes to verify your identity, you simply press the button on the device to authenticate yourself as the authorised user.
Hardware security keys provide good protection as they rely on themselves as an exclusive access point. Without your password and your USB security key, it will be very difficult to get into your mobile phone or laptop.
For an additional (and effective) layer of online security, buy your YubiKey today.
Available on Takealot and on our shop.