Multifactor Authentication Tech Tip
MFA is a must-have if you set it up properly. Remember, keep authentication factors separate from the system the user is authenticating from. For instance, a user should not receive an e-mail with a one-time password as an MFA factor for accessing a VPN through the same e-mail account they use to access the VPN. A hacker who compromises that e-mail account has access to both the MFA factor (the e-mail delivering the one-time password) and the user’s password. So much for multifactor.