Why is MFA so important?

16.03.22

There’s an idea emerging in the industry that your password is (often) no longer important. It’s a bold claim, but it’s one echoed by Microsoft’s own Security and Protection team.

Essentially, many account compromises don’t relate to the complexity of your password, instead they can be because:

  • Your password was unearthed in a data breach
  • Your was password inadvertently given away due to phishing
  • Your password was saved somewhere it shouldn’t have been (for example on a post-it note stuck to your desktop!)
  • Your password was picked up by key logging malware

In these cases it doesn’t matter how complex your password is, as your password is now known.

That said, to prevent hackers easily guessing your password, it’s still very sensible to ensure you are not using one of the top guessed passwords (such as 123456, password or 000000) and your password meets a reasonable level of complexity (at least 8 characters), you can even use a password generator such as https://passwordsgenerator.net/ to create your password. But ultimately one of the best ways you can protect your account is through multifactor authentication (MFA).

MFA allows a second factor, or a secondary method, to secure the password-protected account. For example, an SMS message can be sent to a mobile phone with a 6-digit code to ask for a second layer of authentication whilst logging in. Or, we recommend using the secure Microsoft Authenticator app which sends a push notification to your phone for quick approval of your login attempts. Accounts with MFA enabled are 99.9% less likely to be compromised, and this technology reliably protects against each of the compromises listed above.

We are now recommending at minimum that Office 365 should be secured with MFA to protect your account against compromises.

There are some great cyber security features you can get to protect your company from cybercrime alongside MFA such as advanced email security and backups. Here at Computer Geeks, we provide all these through Geeks 365 secure which better secures your core cloud services, all of these are also present in our Geeks Cloud Solution.

If you believe your account may be compromised, it is important to get in touch with your IT Support company as soon as possible. Here at Computer Geeks, we can take a look and see if there is any unusual activity taking place and support you with any necessary next steps.

Get in touch to find out more, give us a call on 0117 325 0370 or email info@geeks.co.uk