Using multi-factor authentication
Multi-Factor Authentication (MFA) is the process of signing in to an account using two pieces of information. Normally this is a password and a unique code obtained from a phone. Either via a text message or from an MFA app. MFA prevents account compromise as it is less likely attackers will have access to an account password and the MFA device.
Accounts are valuable. Controlling who has access to them is important, especially within the context of organisational security.
Most accounts are protected with passwords. Passwords are an example of something you know. The issue with passwords is that they can be weak, leaked or guessed.
Multi-factor authentication (MFA) requires another piece of information, something you have or are. This information is harder to compromise. MFA can be set up in various ways but they all make an account more resilient.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
https://www.cybercc.gr/m/filer_public/2015/03/30/eurosec15.pdf https://www.wired.com/story/two-factor-authentication-apps-authy-google-authenticator/ https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa https://go.gale.com/ps/i.do?p=STND&u=bu_uk&id=GALE|A599697922&v=2.1&it=r&sid=STND&asid=ee245c71