Password theft keeps evolving, with cyber criminals coming up with new methods to obtain a person’s password. The three main methods of attack are keylogging; which involves secretly recording the victim’s keystrokes on a keyboard, phishing; which involves fraudulent emails impersonating someone else to obtain sensitive information, SMS and phone calls, and pharming; which where malicious code, normally through your browser, is installed onto your device which in turn redirects you to a fake website where it will ask for sensitive information to be entered in.
With MFA (multi-factor authentication); a user must provide two or more forms of identification prior to being allowed access to the network or other sensitive information.
MFA is comprised of three factors. Something you know; passwords, PIN, pass phrases, something you possess; authentication app, key fob, and something you are which is your biometrics; fingerprints, face recognition. A bad actor getting ahold of just your password, would not be able to gain access to your sensitive information since they lack the other factors required to gain access.
Enabling MFA on your network is a simple implementation and can prevent 99.9 percent of cyberattacks.