Due to the increased need for securing our IT infrastructure we have implemented two factor authentication (2FA) on our email and on our critical cloud services. We recommend to all our clients that they do the same.
What is multi-factor authentication (MFA)? Multi-factor authentication is a method of authentication in which a user is granted access only after successfully presenting two or more pieces of evidence (factors):
- Knowledge - something the user and only the user knows
- Possession - something the user and only the user has
- Inherence - soemthing the user and only the user is
Examples of knowledge factors: passwords, PINs, secret questions (what was your first car).
Examples of possession factors: An ATM card, security key or security token.
Examples of inherent factors: fingerprint, face, voice a.k.a biometrics.
What is two factor authentication (2FA)? 2FA is a subset of multi-factor authentication where a user's identity is confirmed using a cobmination of two different factors.
What are one time passwords (OTP)? A one time password is just that a password which is generated onces and only valid for a single use. When you login into your bank account online and your bank sends a PIN number to your mobile phone. The PIN you receive is a one time password.
What are application or app passwords? Some applications require passwords, but are not capable of mulit-factor authentication. A good example of this are email clients, like Outlook or the mail application on your mobile phone. Most multi-factor systems allow you to create application passwords to provide access to those applications which need to access systems which require multi-factor authentication.
An application password is generated once, but unlike OTP can be used multiple times. Application passwords (in our experience) can only be viewed once (when created), cannot be reset only deleted and are designed only to be used with a single application (Email on your mobile phone, email on your desktop, email on your laptop).