As an IT solution provider, I feel it is important to try and or use everything that I recommend to my clients. Doesn’t matter if it is hardware, software or processes if I wouldn’t use it, I won’t sell it. One of my business goals for 2019 is to re-evaluate and add-on to my layered security package and make sure it is still covering all possible threats to protect my clients’ data.
I decided I would use multifactor authentication on every login I possibly can using my own offering of choice. What prompted me to do this now was I had some suspicious activity on my Google account and attempted logins to my Facebook account that I didn’t recognize. So now to login to my google or Facebook accounts after putting in my password I’m prompted by an app on my smartphone to authorize the login or enter a randomly generated code. Since doing this I’ve had almost zero false login attempts and only once did I get prompted for a login that wasn’t me and therefore was able to effectively block the attempt. It has given me a great piece of mind in knowing should someone learn my password through a hacked site or similar action that they still can’t login without the MFA prompt to my phone app.
Now every important login I have goes through the app on my phone. Some prompt, some text and others I enter a code the app generates (one calls my cell and I just enter a number to acknowledge). Just depends on how the target you’re logging into is setup and while yes it does take a little longer to login at times, it is not as big a hassle as the majority of the time your phone is with you at arm’s length.
For me nothing beats the piece of mind this has provided me!