Data breaches are becoming commonplace in both small and big tech companies. The most recent victim was Australian telecommunications company Optus, resulting in unauthorized access to the identity data of roughly 10 million people.
Adding to the misery of the victims, this cyber attack further unleashed a plethora of subsequent phishing and fraud attempts using the data obtained from this breach.
Having more rigorous security measures when logging in can help to protect your accounts, and significantly reduces the likelihood of many automated cyber attacks.
Multi-factor authentication (MFA) is a security measure that requires the user to provide two (also known as two-step verification or two-step authentication) or more proofs of identity to gain access to digital services. This typically requires a combination of something the user knows (pin, secret question), something you have (card, token) or something you are (fingerprint or other biometric).
For example, the Australian Tax Office recently tightened some rules for digital service providers on the mandated use of multi-factor authentication. If you use certain services, you're already familiar with MFA.
But not all MFA solutions are the same, with recent studies demonstrating simple ways to subvert more common methods which are used to lodge cyber attacks.
Furthermore, people also prefer different MFA options depending on their needs and level of tech savviness.
So what are the options currently available, their pros and cons, and who are they suited for?