We believe there needs to be careful consideration before any government agency or company mandates MFA, with a few key steps to consider.
Different people and organizations will have different needs, so in some cases a combination of methods could work best. For example, an text-based solution may be used in conjunction with a physical security key for access to critical infrastructure systems that need higher levels of security.
Additionally, user education and awareness is vital. Many people aren’t aware of the importance of MFA, and don’t know which methods are the safest.
By taking some personal responsibility and using highly effective methods such as physical security keys to protect our most vulnerable accounts, we can all do our part to make the web a safer place.
Jongkil Jay Jeong is a CyberCRC Senior Research Fellow, Centre for Cyber Security Research and Innovation (CSRI) at Deakin University in Geelong, Australia.
Ashish Nanda is a CyberCRC Research Fellow, Centre for Cyber Security Research and Innovation (CSRI) at Deakin University in Geelong, Australia.
Syed Wajid Ali Shah is a CSCRC Research Fellow, Centre for Cyber Security Research and Innovation at Deakin University in Geelong, Australia.
This article is republished from The Conversation under a Creative Commons license. You can find the original article here.