Adding a step to the log-in process known as multi-factor authentication, such as receiving a text or email from your bank for identity verification, is considered the most effective method to discourage hackers, according to Hanslovan.
Microsoft claims that multi-factor authentication can prevent 99.9% of cyberattacks on accounts, while other experts in cybersecurity estimate the effectiveness to be around 50%.
Based on data analysis from hundreds of thousands of identities and millions of endpoints under management, it has been scientifically proven that multi-factor authentication significantly enhances security. However, despite its effectiveness, many individuals dislike this additional step during the login process. It could be attributed to the inconvenience of clicking another button or entering a six-digit code.
Phishing attacks have been increasing in recent years, posing a significant risk to individuals personal and financial information.
According to a survey conducted by Duo Security in 2021, 78% of individuals used multi-factor authentication for some of their online accounts. This percentage has significantly increased from 28% four years ago, but it still falls short of being universally adopted.
The Cyber Readiness Institute states that less than half of business owners in the United States require their employees and customers to use multi-factor authentication. This poses a concern as data reveals a rise in hacker attacks targeting small businesses, many of which are ill-prepared, according to their own acknowledgement.
Although small companies may not possess as much wealth to be stolen compared to larger corporations, their lack of security measures makes them an easier target for hackers.
Hanslovan emphasizes that both individuals and businesses can greatly benefit from investing the effort into implementing additional steps during the login process. By doing so, they significantly raise the barriers for hackers and often compel them to seek easier targets elsewhere.
Hanslovan suggests avoiding reliance on text messages or email-based authentication options as they may not offer security measures.
Instead, he suggests using an app like Duo Mobile or Google Authenticator as an authenticator. These apps can generate a secure code, and you can even use your fingerprint or facial recognition to log in.
According to Hanslovan, this simple difference of utilizing the app to generate a code significantly reduces your risk. Hackers often cast a wide net, sending out billions of phishing email attempts each day. However, they are more likely to choose the path of resistance when faced with an obstacle like an extra step for authentication.
To put it in perspective, think of the phrase, "You don't have to outrun a bear; you just have to be faster than the person." By implementing factor authentication and opting for such an app, you're already ahead of most people. Attackers will then move on to target those who are still lagging behind.