Cybersecurity Awareness Month – Multi-Factor Authentication

This week’s post for Cybersecurity Awareness Month covers Multi-Factor Authentication.

What is MFA?

An authentication factor is a way for a person to identify oneself to a computer. Multi-Factor Authentication (MFA) means using more than one factor to prove to a computer that you are who you say you are. Typical authentication factors come in three types:

  • Something you know (like a password or PIN number)
  • Something you have (like a phone or ID card)
  • Something you are (biometrics like a fingerprint or facial recognition)

You probably use MFA all the time: when you use an ATM, you use a debit card (something you have) with a PIN (something you know). When someone checks that your face matches the picture on your driver’s license, they’re authenticating you with two factors.

How does MFA help?

According to Microsoft, 99.9% of account compromise attacks can be stopped with MFA. When you use MFA, a cybercriminal who wants to use your account will face a much greater challenge. If your password is compromised but a second authentication factor is required to sign in, a criminal using your password will not be able to authenticate as you. Visit the National Cybersecurity Alliance MFA page for more information.

Where should we use MFA?

You should use MFA with any service that stores sensitive information. These include:

  • financial sites (like your bank, credit card company, or investment account)
  • social media (like Facebook, Instagram, TikTok)
  • email (like Gmail or Hotmail)
  • your Kalamazoo College network account

MFA is required for all students, faculty, and staff, and more information can be found at our Multi-Factor Authentication page.

Subscribe to our Posts

Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!