Even Google is telling you to be on Multi-Factor Authentication (MFA)
Everywhere you go, someone is handing out advice about account security. It hurts to be reminded all the time about the ways to protect your critical data. However, have you ever wondered whether any of the security measures you’re taking are effective?
Several companies, like Microsoft & Google, take up surveys to find out the most effective security methods. Recently, Google teamed up with researchers from New York University and the University of California. It analyzed 350,000+ account-hijacking attempts to see how its most basic account-security settings protected users’ accounts.
It turns out that its techniques were super-effective.
Google’s blog post reads, “We found that an SMS code sent to a recovery phone number helped block 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks”.
The most basic security setting you can use with your account is adding your phone number as “Recovery Phone” so Microsoft or Google texts you if an account sign-in looks suspicious.
One of the most effective methods is the on-device prompt. It requires an attacker to have physical access to your smartphone or tablet to authenticate a login request (Multi-Factor Authentication).
For the 100% effectiveness across all attempts, you should use security keys. Various study shows that it can block 100% of the attacks like automated bots, phishing attacks, or targeted attacks.
If your IT organization hasn’t deployed Multi-Factor Authentication, it is time to wake them up. Clearly, the results back up the reasoning.
Give us a call at 914-355-5800 to find out more about Multi-Factor Authentication.