How do you authenticate yourself when you’re trying to log into your online accounts and applications? Using usernames and passwords, of course. It’s as commonplace as having an email address nowadays.
But is it secure enough? It's secure for sure, but not as secure as today’s complex cybersecurity landscape demands. That’s where multi-factor authentication (MFA) comes into play.
What Is Multi-factor Authentication?
The simple reasoning behind passwords is that you use them to prove your identity to someone. In the case of an online account, you create a password when you first set the account up. When you go back later to log in, you use that same password to prove to the company that it’s you who is requesting access to the account.
In tech parlance, a password is one factor that you use when logging into an account or app. When you string two or more of these factors together, you get a multi-factor login process to prove your identity. This kind of cybersecurity procedure is called multi-factor authentication or two-step verification, and it’s becoming the preferred method of companies to enforce online security.
Factors could be many things:
- A piece of information, like a password, PIN, or security question
- A physical item that you have, like a smartphone
- Or something that is unique to you, like when apps request for your fingerprint or use facial recognition software
Linking two (or more) of these factors together creates a much stronger barrier when proving your identity. Let’s say for example that you have to type in a password (basic password security) and then go retrieve a code that was texted to your phone in order to log into an account. If a cybercriminal manages to steal your password, but does not have your smartphone, s/he won’t be able to access your private account, period.
The multi-factor verification process is so critical because information pieces (like passwords and PINs) can be stolen or cracked by cybercriminals who use sophisticated phishing and social engineering scams or complex tech attacks. Configuring two or more of these factors during a login process will help to strengthen your business’s security and ensure that bad actors are locked out of your sensitive information, databases, and accounts.
How to Enable Multi-factor Authentication for OnSIP Accounts
Multi-factor authentication is available for OnSIP users as another security precaution for your account.
Administrators have the ability to enable this feature for all users within their organization to mitigate fraud and ensure that only legitimate users can access the OnSIP app. The feature is found in the OnSIP app. See our Knowledgebase article for instructions on how to enable it.
Once enabled, all users within the org will need to authenticate their identities to ensure that only legitimate users will be able to access the OnSIP app. If a user tries to login to the app after being inactive for over 30 days, an email will be sent to them requesting verification of their account by clicking a link in the email. Once the verification is complete, they can continue to log into their account as normal.
As a precaution to ensure all users can access their accounts, we encourage OnSIP customers to whitelist the domain @onsip.com so emails from us do not appear in spam folders.
Multi-factor authentication is an important, and easy, measure you can take to boost the security of your accounts. While it’s just another few seconds for you to check your smartphone for a code or have the app perform facial recognition, it’s a solid barrier that will stop hackers and other cybercriminals dead in their tracks.