Security Behaviour Database
/
All Behaviours > SB001 Enables multi-factor authentication for workplace accounts

SB001 Enables multi-factor authentication for workplace accounts

Multi-Factor Authentication (MFA) is the process of signing in to an account using more than one piece of information. This can be a password and a unique code sent to your phone (via a text message or from an MFA app). MFA prevents account compromise as it is less likely attackers will have access to an account password and the MFA device used for verification.


Why is it important?

Accounts are valuable. Controlling who has access to them is important, especially within the context of organisational security.

Most accounts are protected with passwords. Passwords are an example of something you know. The issue with passwords is that they can be weak, leaked or guessed.

Multi-factor authentication (MFA) requires another piece of information, something you have or are. This information is harder to compromise. MFA can be set up in various ways but they all make an account more resilient.

Priority Tier

Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.

Tier 0

Risk Mitigated

Account Compromise

Account Compromise

Account compromise happens when unauthorised people access them.

Further reading

https://www.cybercc.gr/m/filer_public/2015/03/30/eurosec15.pdf https://www.wired.com/story/two-factor-authentication-apps-authy-google-authenticator/
https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2

SebDB is brought to you byCybSafe| © 2023 CybSafe Ltd