Multi Factor Authentication (MFA)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We're going to continue
00:00
our discussion of identity and access management by
00:00
talking specifically about
00:00
Multifactor authentication, MFA.
00:00
In this lesson, we're going to talk about
00:00
what Multifactor authentication is,
00:00
the four most common authentication factors,
00:00
and the use case for
00:00
a Multifactor authentication in Cloud environments.
00:00
Multifactor authentication
00:00
is a security best practice that
00:00
is used to strengthen
00:00
the authentication step of
00:00
identity and access management.
00:00
Most people are used to at least authenticating with
00:00
one factor, the password.
00:00
The password is usually represented
00:00
as something you know.
00:00
That's a password is an example of something you know.
00:00
There are three other types of
00:00
authentication factor that are commonly use.
00:00
The second one is something you have.
00:00
Sometimes organizations give people
00:00
authentication tokens or YubiKeys
00:00
that are plugged into their machines.
00:00
This physical device, then the signature
00:00
or the code it provides is a secondary factor.
00:00
It's something you have in
00:00
your possession that you used to authenticate.
00:00
Then there's something you are.
00:00
Some organizations or data-centers,
00:00
they will have bio-metric authentication
00:00
through the use of iris scans or palm scanners.
00:00
It reads some aspect of
00:00
your unique biology and use it to authenticate
00:00
>> that you are the individual you claim to be.
00:00
>> Then the last factor we're going to talk
00:00
about is something you do.
00:00
You often see this in
00:00
banking websites or very sensitive websites
00:00
where you have to
00:00
authenticate that you're not a robot that you
00:00
could click something or do a specific task
00:00
that at this current stage would be
00:00
computationally difficult for AI robot to pull off.
00:00
However, something you do is under
00:00
threat as improvements in AI and machine
00:00
learning get better and better at executing tasks that
00:00
previously were only possible to be done by humans.
00:00
Multifactor authentication is the use of any of
00:00
these four items used in
00:00
tandem with one of the other items.
00:00
It's not necessarily MFA,
00:00
if you're using two examples of something you know,
00:00
or something you are,
00:00
you really have to pair these things together.
00:00
You might be asking, well, this seems like a lot of
00:00
work here to put in my password as
00:00
well as put in some other code that's sent
00:00
in a device that's
00:00
on file with accompany is believing in my possession.
00:00
Well, that's right, but
00:00
Multifactor authentication adds an extra layer of
00:00
security and it should be really
00:00
employed in critical environments,
00:00
places where administrators require
00:00
access or access to really critical systems.
00:00
On a personal level, you should definitely
00:00
imply use MFA for
00:00
any of your banking or financial services accounts.
00:00
Or in this day and age,
00:00
especially social media accounts,
00:00
because those can damage your reputation as
00:00
well if left under the wrong hands.
00:00
The idea here is to create another barrier
00:00
>> for access for a would-be impersonator
00:00
>> or hacker who is going to somehow
00:00
>> find your password and then
00:00
use that to access your account.
00:00
In Cloud-based application environments,
00:00
we want to make sure that any customers that are
00:00
using our application are
00:00
protected and that they
00:00
are who they say they are
00:00
when they log into our environments.
00:00
Then internally, we want to ensure
00:00
that MFA is put on critical accounts.
00:00
In the event of a compromise a would-be attacker,
00:00
threat actor would be slowed down as
00:00
they try to do something malicious on the system.
00:00
Quiz question.
00:00
>> Which of these items is an example
00:00
>> of Multifactor authentication.
00:00
>> One, an iris scan and palm scan.
00:00
Two, a username and password,
00:00
or three, a password and authentication code.
00:00
If you said number 3, you're correct.
00:00
An iris scan and a palm scan are
00:00
both examples of a factor 3,
00:00
something you are so used together,
00:00
they don't provide Multifactor authentication
00:00
because they are using the same type of factor.
00:00
Number 2, a username and password.
00:00
Those are both things,
00:00
you know, they're only example of factor 1.
00:00
Username isn't even typically
00:00
considered a piece of authentication.
00:00
It's a piece used to identify the individual.
00:00
Finally, number 3, our correct answer,
00:00
a password represents something you know and
00:00
authentication code is something you have.
00:00
Those two things together reflect factor 1,
00:00
factor 2 together are Multifactor authentication.
00:00
In summary, we talked about
00:00
the concept of Multifactor authentication.
00:00
We talked about the most common authentication factors,
00:00
often remembered by something you know,
00:00
something you have, something
00:00
you are or something you do.
00:00
Then we talked about the cases for
00:00
Multifactor authentication in the Cloud.
00:00
You may require Multifactor authentication
00:00
for our customers accessing your Cloud application,
00:00
especially if it's of a sensitive nature,
00:00
such as finance or banking.
00:00
Then you may also employ
00:00
Multifactor authentication to protect
00:00
your sense of accounts internally,
00:00
to ensure that only those who have
00:00
the correct ability to authenticate can access them.
00:00
I'll see you in the next lesson.
Up Next