By Hannah Meredith – Education and Awareness Officer, Information Security team
People often ask me “What’s the number one thing I can do to protect my information online?” So Cyber Security Awareness month seemed like a great opportunity for me to share some insights on the risks you should avoid, and a top tip for keeping you, your loved ones and your precious data safe online.
Unfortunately, there isn’t one single quick-fix to protect your information online, but right at the top of my list is multi-factor authentication (MFA).
Authentication is simply the process of making sure you are who you say you are. Unfortunately, using a password on its own has its flaws. Cyber criminals will have access to your information if they work it out, even if you have a really good password.
Multi-factor authentication (sometimes called two-factor authentication) is a much more secure way of protecting your data – it uses two or more different methods to make sure it’s really you, such as:
- Something you know (a password or PIN)
- Something you have (a bank card or a mobile phone)
- Something you are (your fingerprint, facial recognition, or your voice)
If you’ve taken money out at a cashpoint you’ve used MFA – the PIN is something you know, and the card is something you have. If someone were to find your card they wouldn’t be able to withdraw money without the PIN.
I’ve personally experienced the benefits of MFA when I received a text from Facebook, asking if I was trying to access my account from a location in Russia. I was actually sat at home on my sofa in the UK, so the login attempt certainly wasn’t made by me! The person who was trying to access my account must have had the correct password to get that far. If I hadn’t set up MFA they would have definitely accessed my account, which is a scary thought.
MFA is simple to set up and is available on many well-known web services such as Facebook, Instagram, Amazon, eBay, Gmail, and many more. You can find details on which platforms support MFA and how to get it set up here – https://twofactorauth.org/.