Best practices for multi-factor authentication

Major data breaches that potentially expose your data to bad guys have become a daily occurrence. The easiest way to protect yourself, even if your password is compromised, is to use two-factor authentication — but not all multi-factor authentication methods are created equal.

3 Best MFA Methods

Just because MFA provides an extra layer of security doesn't mean that cybercriminals can't bypass MFA and access your data. However, if you're using one of these methods, the chances of them cracking the code are very low.

Physical security key

A physical security key is installed in the computer.

Imagine being able to access your computer the way you access your house - with just a key. A physical security key is a physical key that, when inserted into a USB port , gives you access to your computer. However, the biggest drawback to using a physical security key is that it becomes quite difficult to access your device if you lose it.

It is important to note that there are two types of security keys: Bluetooth and USB. While both are extremely secure, physical security keys with Bluetooth capabilities are vulnerable to attacks where the password sent over Bluetooth is stolen. Such an attack is not possible when using a USB security key.

Biometric authentication

Best practices for multi-factor authentication
Biometric Login

What if instead of carrying a key in your pocket, you were the key? Biometric authentication involves using a part of your body to authenticate. Common biometric methods include using a person's face, fingerprint, voice, handwriting, and vein patterns.

Biometric authentication has become increasingly popular in recent years since Apple introduced Touch ID in 2013 (Android devices also received fingerprint biometrics in 2014, with Android 4.4). Many people have started using biometrics for authentication because it is easy to use and extremely secure. Unlike physical keys that can be lost or stolen, you never forget your finger in a restaurant, right?

One-time password (authenticator app)

A one-time password (OTP) is a unique, one-time password that must be used within a certain time frame before it expires. There are many ways to receive an OTP, but the most secure is through an authenticator app like Google Authenticator .

Best practices for multi-factor authentication

With Google Authenticator, you have up to 60 seconds to enter an OTP before generating a new one. Not all OTP methods are equally secure. OTPs sent via SMS and email are not as secure.

Other MFA methods

Using any MFA method is better than using none at all. However, some methods are better than others. Here are the best of the best.

Push Notifications

In addition to letting you know you’ve received a new IG message or promotional offer, push notifications can also be used for security purposes. When enabled, push notifications are sent through the app of your choice and must be approved or declined. The beauty of push notifications is that they don’t require character input in the same way that, say, an authentication app does.

Push notifications are user-friendly, providing strong and fast security. The main weakness is that if your device is lost or stolen, the thief only needs access to your unlocked phone to authenticate with push notifications.

Phone

Let’s say you’ve logged into your bank account but have enabled 2FA via phone call. Once you enter the correct username and password, you’ll receive a phone call to the number on file and be given a second password. This method is secure enough if you have access to your phone, but phones can easily be stolen or lost. Not to mention that most phone calls are unencrypted. If a skilled hacker targets you, they can eavesdrop on your calls. Having just been sent an unencrypted password, they can easily steal your password and access your account.

One-time password (SMS or Email)

Best practices for multi-factor authentication

OTPs sent via SMS or email are not inherently insecure; however, they are among the least secure ways to authenticate users. SMS and email OTPs are appealing because they are both simple and easy to implement. Less tech-savvy users may not want to set up an authenticator app, may not know how (or want to) enable biometric authentication, or may not even know what a physical security key is.

The problem is that SMS and even email can be compromised. 2FA is of little use if the second password is sent to a cybercriminal. SMS messages can also be sent unencrypted and intercepted.

Security question

We've all filled out security questions. Common security questions ask for your mother's maiden name, your pet's name, and where you were born.

The problem with these questions is that anyone who views your Facebook account can find out this information. Another big problem is that these answers can be forgotten. Passwords and usernames are often recorded, whether in a password manager or elsewhere; however, the answers to security questions are not. If you forget the answers, cybercriminals won’t be able to access your account, but neither will you.

Best practices for multi-factor authentication
Microsoft security question example

You have a variety of multi-factor authentication methods to choose from. Now that you know which method is most secure, you can make a more informed decision about how to best protect your data. Regardless of which method you choose, remember that any 2FA is better than none at all.

Sign up and earn $1000 a day ⋙

Leave a Comment

External monitors can have a negative impact on laptop batteries.

External monitors can have a negative impact on laptop batteries.

Using a laptop with an external monitor is a great combination for productivity and getting work done. But over time, you may find that your laptop suddenly runs out of battery quickly and the battery life starts to decrease.

8 major disadvantages of foldable screen phones that you didnt expect

8 major disadvantages of foldable screen phones that you didnt expect

There’s no denying that foldable phones are pretty cool. But after using them for a while, there are a few quirks to them. Here are 5 major downsides to foldable phones that you might not expect!

Adobe is bringing AI video creation technology to Premiere Pro

Adobe is bringing AI video creation technology to Premiere Pro

Adobe has brought AI video creation technology to the masses in a new way, although it has yet to create a finished movie using the technology.

Latest Genshin Impact Codes April 2025

Latest Genshin Impact Codes April 2025

Genshin Impact 5.5 Code helps you exchange for Primordial Stones, Magic Minerals, experience and many other rewards.

How to Turn Your iPad into an Extra Mac Display

How to Turn Your iPad into an Extra Mac Display

macOS Catalina and iPadOS include support for a new feature called Sidecar, designed to let you use your iPad as a secondary display for your Mac.

Wallpaper 1280, beautiful Nokia 1280 phone wallpaper

Wallpaper 1280, beautiful Nokia 1280 phone wallpaper

This is a set of Nokia 1280 wallpapers, if you have ever texted to get 1280 wallpapers, brick phone wallpapers, then try looking at these wallpapers.

Hypersonic space plane reaches speed of 11,115 km/h

Hypersonic space plane reaches speed of 11,115 km/h

Venus Aerospace has revealed the first images of its new hypersonic aircraft called the Stargazer, which can reach a top speed of 11,115 km/h, equivalent to Mach 9.

Eating bananas for breakfast helps you reduce bloating

Eating bananas for breakfast helps you reduce bloating

Bloating can happen to anyone. The good news is that breakfast is a great time to add a few ingredients to your meal that can help reduce bloating. That ingredient is bananas.

OpenAI Announces Major Update to AI Image Generation in ChatGPT

OpenAI Announces Major Update to AI Image Generation in ChatGPT

OpenAI has just officially introduced a remarkable upgrade to the AI ​​image generation capability in ChatGPT, an important step forward instead of using a separate image generation model like the previous DALL-E.

Deepseek Releases Free Language Model v3 That Runs Well on Common Hardware Configurations

Deepseek Releases Free Language Model v3 That Runs Well on Common Hardware Configurations

Chinese AI startup DeepSeek has just officially released its latest large language model (LLM), DeepSeek-V3-0324.

Reasons to ditch Gboard and switch to Samsung Keyboard

Reasons to ditch Gboard and switch to Samsung Keyboard

Gboard has long been the go-to keyboard on Android phones. However, many people have recently switched to Samsung Keyboard and haven't looked back.

Sweet and Romantic Weekend Wishes for Lovers

Sweet and Romantic Weekend Wishes for Lovers

Send sweet and romantic weekend wishes to your lover. Although they are just words or messages, they will be meaningful spiritual gifts, helping to strengthen your relationship.

Harry Potter TV series needs the following elements to be successful

Harry Potter TV series needs the following elements to be successful

HBO's Harry Potter remake is expected to premiere in 2026. Here's what makes the TV Harry Potter a success.

Stunning pictures of the supermoon from around the world

Stunning pictures of the supermoon from around the world

Beautiful moon pictures are not rare on the Internet. This article will summarize for you the most beautiful moon pictures in the world.

AMD Ryzen Users Should Install This BIOS Update for a Free Performance Boost

AMD Ryzen Users Should Install This BIOS Update for a Free Performance Boost

Now, AMD has responded to the issues with its underperforming flagship CPU line with a new update that could deliver a few more frames per second.