Multi Factor Authentication or MFA should be understood by now (hopefully) and should be widely used and implemented.

What is MFA? MFA is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA, when you sign in to a website or device, you will be prompted for your user name and password (the first factor — what you know), as well as for an authentication response from your MFA device (the second factor — what you have) such as a text message to your mobile device, or a string of numbers from an authenticator app (such as Google Authenticator). Taken together, these multiple factors provide increased security for your account settings and resources.

Most financial sites and apps, for instance, have been using MFA for years to protect your money.

In corporate settings, many breaches and cyberattacks are due to hackers gaining unauthorized access using accounts that are not properly protected. These accounts use simple and guessable passwords (Pasword123), factory default passwords, passwords written on sticky notes, passwords derived from social media profile (such as birthday or pet name), and passwords derived from social engineering and phishing attacks. Using multi factor authentication will lessen the risk of hackers gaining access to your corporate network.

However a lot of IT infrastructure devices do not use MFA. Privileged accounts on network routers, switches, application servers, database servers, hypervisors, storage and backup devices, etc. should use MFA to strengthen their security. Manufacturers should make it easy to configure MFA on these devices.