2 min read

MFA Matters

Is it really-really you? Are you attempting to make a transaction, transfer funds, access your social media account, do basically anything online these days?

During your day, at work and at home, you undoubtedly are forced through a Multi-factor Authentication (MFA) process.

Image shows a highlighted keyboardIn the past, all we needed to verify our identity was a username and password. We had passwords for everything; dozens of usernames and password combos to supposedly memorize. Most people opted for the same (or very close) usernames and likely a single simple password. You loved it; so did hackers.

With usernames easier to figure out, it doesn’t take long for someone to guess your password; imagine your entire bank account wiped out because you always use your favorite dog’s name and birthday as your (only) password. Oops.

“MFA or Two-Step Verification may seem like an annoying step, but it’s providing a service not only to you but to the company you’re working with,” Jeremy Ferguson, Capture Manager for Strategic Growth at PAR Government, explained. “This step makes your account more secure and protects your personal information while providing the company the first line of defense when it comes to keeping information safe.”

Jeremy, who assists the PAR Government team in expanding its client base, has his bachelor’s degree in Information Systems Security and is completing coursework to earn his Master of Jurisprudence in Cybersecurity Law and Management from Texas A&M School of Law. Additionally, he has 22 years of experience with network administration and security for DoD and U.S. Navy’s most secure tactical networks.Coding appears highlighted on this screen in this photo

“PAR Government employees are familiar with MFA and, as a provider of services to DoD sites, we support MFA at various locations,” he said. Whether it is an authenticator application, a passcode from a text message or a phone call verification, MFA technologies all operate similarly. When you sign into your account on a new device, application, or a new web browser, you will need to provide your username, password, and then satisfy the MFA requirement.

MFA uses a combination of two or more factors to authorize authentication:

  • Who you are (biometrics, facial recognition, fingerprint)
  • What you have (a randomizing PIN generator, smartphone application, or passcode)
  • What you know (a personal PIN, password or secret answer)

“MFA prevents the chance of someone else using your authentication methods to log in as you,” Jeremy continued. “Hackers and thieves today have very sophisticated and undetectable means of stealing authentication information from a shared device or unprotected networks. Utilizing MFA information unique to that specific login session keeps unauthorized users from hijacking your authentication information.”

To further secure access, Jeremy offered the following tips to protect account authorization information.

DO NOT use the same username and password across all websites

ALWAYS use letters – both lower and uppercase, as well as numbers and special characters

DO NOT share your passwords with others (yes, even your Netflix password)

DO NOT write your passwords down – instead, consider a password manager

ALWAYS use MFA

DO NOT answer random questions on social media (favorite song, color, number) or participate in surveys that ask password related questions (your first-grade teacher’s name or your mother’s maiden name)

DO NOT use your first name or last name for your username unless otherwise directed

NEVER stay logged in on a shared device, close ALL browsing sessions when done

USE Incognito Mode or Private Window on shared devices

LOCK a device after a period of inactivity

Image shows closeup of computer connectionsPAR Government, through its subsidiary Rome Research Corporation, provides information technology services to several DoD clients. This includes helpdesk support, system administration, network administration, information assurance/systems security, database administration, telephone systems management, testing and testbed management, information technology infrastructure library (ITIL)-based service management, and engineering and installation services. For more information visit RRC Mission Operations.

 

Don’t Fall for Tricks

Social engineering is a skillfully crafted art form honed for malicious intent. Can you identify and stop the attempts? What should you do when you...

Read More

All About GV

PAR Government’s products and solutions are meant to keep the warfighter, first responder, and others focused on the mission. For more than 50 years,...

Read More

All About Sit(x)

PAR Government’s products and solutions are meant to keep the warfighter, first responder, and others focused on the mission. For more than 50 years,...

Read More