How does Multifactor Authentication work? | MFA and privacy explained

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
what happens when you use your phone for multi-factor authentication for work almost all organizations are implementing or considering implementing multi-factor authentication and when they do they typically say that they want you to use your phone for it many people are concerned about using their personal phones for work or concerned about privacy issues but what actually happens on your phone when you use multi-factor authentication multi-factor authentication means that you need to enter a code usually six numbers after you enter your username and password on a site most often this code comes from an app on your phone or from a text message sent to your phone this protection is very effective for your account since someone who wants to break into your account needs more than just your username and password they need to have your phone too multi-factor authentication works so well that most online services offer this protection for your accounts like banks email services even facebook and twitter but how does the app work the app on your phone acts little more than a clock every 30 seconds or so it creates a new six digit number code for you to enter for each of the accounts that you have set up in the app that code is based on the current time plus a secret key that secret key is created by the company or website where you want to log in and is usually given to you by a qr code that your authenticator app scans so you take a picture of the code with the app and you're ready to go when you take a picture of the qr code the company or website doesn't even know what you did with it or what phone you used there's no connection between the app on your phone and the company or the website or even your account in fact the app works just fine even if you have no internet connection on the phone all the app does is generate a special code every 30 seconds like clockwork so in this form of multi-factor authentication there are no privacy issues and your organization has no connection to or knowledge of your phone it's just like a clock some authenticator apps have a feature where the app can send the code for you this is called push authentication when you try to log in instead of a page appearing asking you to enter in a code it sends a signal to your phone and all you need to do is to click a notification on your phone and your phone sends the code on your behalf this is very convenient for a lot of people but if you use this feature there is an active connection between the company or website and the app on your phone you do not have to use push authentication there's no requirement to use this feature entering the code by hand works just as well sms and text for multi-factor authentication works a little differently instead of using an app in your phone the company or website sends a text message to your phone with the code this method means that you do not need to install anything in your phone this option works well for people who have a phone but can't install apps on it however text messages are not very secure and can be intercepted by criminals who are looking for them they also require that you give your phone number to the company or website so they can send you messages multi-factor authentication is a very effective method to protect your accounts and you should look to enable multi-factor authentication on all your online accounts even if the site doesn't require it your most common options for multi-factor authentication are an app that generates a clock-based code optional push authentication and sms or text for those interested in privacy and not wanting to connect their personal phone to work the app with a clock-based code is the perfect option and it can be used for all your online accounts not just for your work accounts
Info
Channel: Jordan M. Schroeder
Views: 46,033
Rating: undefined out of 5
Keywords: cybersecurity, cyber security, information security, 2fa, MFA, multifactor, multi factor authentication, phone, multi-factor authentication, two factor authentication, two-factor authentication, privacy, using a personal phone for work, using a personal mobile phone for work, should you use a personal phone for work, 2 factor authentication, authenticator app
Id: lEHhivPJQ5w
Channel Id: undefined
Length: 4min 2sec (242 seconds)
Published: Tue Mar 09 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.