What is Multi Factor Authentication? Traditionally security consisted of a user name and a password. MFA adds a layer of security by requiring a third item/key before you can log into an account. Example: Microsoft now requires an email address, password AND a code from an authenticator app. Even if a hacker guesses your password they can’t access the MFA code from your authenticator app on your phone.
You can read more about multi factor authentication and your small business here.
Common MFA problems:
- not backing up restoring the app on a new phone
- too many authenticator apps
- not tracking which phone/authenticator app account is tied to.
Let’s delve into those MFA problems.
First, not backing up and restoring the app. Do you know how to check your authenticator app backup? In Microsoft Authenticator, you need to click on the three bars in upper left hand corner (this is on an iPhone), then click Settings.
In settings, make sure under Backup section that the toggle is moved over so it is included in your iCloud Backup. Check Help section for this app on Android phones to find these settings.
Second, there’s too many authenticator apps. Seems like every software vendor is pushing their own authenticator app or saying use Google or use Microsoft when either will work.
It’s easier to manage ONE authenticator app than three. One less thing to update and track.
Third: not tracking which phone/email/authenticator app an account is tied to. You could have an info@ account tied to your web site hosting AND a design@ account tied to web site plugins with a different app. Best to track your software with a spreadsheet of each software account, which email address it’s tied to, which MFA app and phone it’s tied to.