Ways to Implement Multifactor Authentication Without a Mobile Device

Passwords are hard to remember and even harder to change periodically, and it’s increasingly difficult to devise strong credentials. Instead of confronting the challenge, many users rely on weak passwords and reuse them for multiple accounts. This makes it easy for cybercriminals to guess credentials or obtain them via phishing attacks.

Once gathered, credentials can be sold on the dark web. Then, both the original criminal and hordes of other attackers can gain access to personal and work-related systems and data.

Two-factor authentication (2FA) and multifactor authentication (MFA) are accepted ways to make credentials much less vulnerable. 2FA relies on a combination of something you know (e.g., username/password) and something you have (e.g., your mobile phone or computer, a keycard or a USB) or something you are (e.g., a scan of your iris or fingerprint) to ensure that only authorized individuals can access sensitive systems and information.

MFA can involve all three factors. With MFA, even if the username/password combination is stolen, accessing an account is extremely difficult because criminals won’t be able to complete the additional authentication steps.

Click the banner to access customized content when you register as an Insider.