Multifactor Authentication

What is Multifactor Authentication, and why should you use it?

Two-Factor Authentication (2FA or MFA) - 2FA is an extra layer of security to ensure that people trying to access an online account are who they say they are. First, a user will enter their username and password. Then, instead of immediately gaining access, they must provide other information. For example, this second factor could come from one of the following categories:

  1. Something you know: This could be a password
  2. Something you have: Typically, a user would have something in their possession, like a smartphone, or a small hardware token
  3. Something you are: This might include a biometric pattern of a fingerprint, an iris scan, or a voice print

Acreto supports the most popular form of two-factor authentication - which uses a software-generated time-based, one-time passcode (also called TOTP, or “soft-token”) and also auth-code sent to the user’s email.

First, users must download and install a free 2FA app on their smartphone or desktop. They can then use the app with any site supporting this authentication type. At sign-in, the user first enters a username and password, and then, when prompted, they enter the code shown on the app. Like hardware tokens, the soft token is typically valid for less than a minute. And because the code is generated and displayed on the same device, soft tokens remove the chance of hacker interception. That’s a big concern with SMS or voice delivery methods.

Since app-based 2FA solutions are available for mobile, wearables, or desktop platforms — and even work offline — user authentication is possible almost everywhere.

Prerequisities

To start using MFA, you must own an application that will be your second-factor code generator. Several popular MFA (Multi-Factor Authentication) applications are available in the market:

  1. Google Authenticator: Google Authenticator is a free MFA app for Android and iOS devices. It generates time-based one-time passwords (TOTP) to provide an additional layer of security for Google accounts and third-party accounts that support the TOTP protocol.
  2. Microsoft Authenticator: Microsoft Authenticator is a free MFA app that generates TOTP codes and pushes notifications for Microsoft and third-party accounts supporting the TOTP or OpenID Connect protocols.
  3. Authy: Authy is a free MFA app that generates TOTP codes, push notifications, and SMS-based codes. It supports various third-party accounts and the Authy OneTouch feature for fast and easy authentication.
  4. Duo Mobile: Duo Mobile is a free MFA app that generates push notifications, SMS-based and TOTP codes. It supports various third-party accounts and the Duo Push feature for fast and easy authentication.

All mentioned application uses starts supported by Acreto - choose the best tool for you and install it on your device.

How Acreto uses MFA to provide security?

Acreto uses Multifactor Authentication in two scenarios:

  1. Secure Ecosystem Access - Ecosystem Administrator can activate the MFA to secure access to Acreto Portal.
  2. MFA Based Profiles for users - this future allows to force all users connecting to Ecosystem to use MFA in the defined period. For example, each person connected to MFA must confirm the connection with the MFA token once a day.

Both of these options are optional and can be enabled or disabled any time.

Summary

In an increasingly interconnected and threat-prone digital landscape, Multi-Factor Authentication has emerged as a “must-have” feature for organizations and individuals. By mitigating password vulnerabilities, enhancing security, complying with regulations, and offering user convenience, MFA significantly strengthens access control and protects against unauthorized access and data breaches. Implementing MFA is a proactive step towards bolstering overall cybersecurity posture and safeguarding sensitive information.

Next page: MFA for Acreto Connect Client - How To Enable