Security Tip # 6 – Multi-Factor Authentication

This post is part of a series on the top 10 things I look at when securing my home Linux installations. You can find the other posts here.

Tips 1 through to 5 generally apply system-wide – that is, they are system configuration choices you will make. Tips 6 through to 10 are more per-user choices. This distinction won’t make much difference in a home environment where each device is dedicated to a single user. It will begin to be apparent in an environment where more than one user users a device.

Use multi-factor authentication (MFA)

Multi-factor authentication, or MFA, is designed to prove you are who you say you are. A service using MFA for authentication will require you to provide at least two factors in order to login. For example,

  • something you know (eg, a username-password comb), and
  • something you have (an access code on a separate device or a token)

Two-Factor Authentication (or 2FA) is MFA that requires exactly two factors to be provided for authentication.

Multi-factor authentication is not the perfect solution to security woes. There are tales of hackers working around it. However a malicious actor will have to work harder to bypass MFA rather than a single username-password combination.

MFA examples

Most major vendors use some form of MFA in their application. For instance you can set up your Facebook account to use an authentication app.

Examples of authentication apps are:

Major vendors like Apple, Google and Amazon may use another kind of MFA called a One Time Passcode (OTP) when users login – by sending a code via text message, email, or out to a registered device. You will then need to enter that code in order to proceed with login.

Recap of my top 10 tips for securing Linux @home

  1. Enable and use an OS-level firewall
  2. Enable SELinux or another Mandatory Access Control mechanism
  3. Use sudo
  4. Apply software updates automatically or often
  5. Use encryption
  6. Use multi-factor authentication
  7. Enable threat-detection
  8. Browse securely
  9. Limit running services
  10. Backup securely

Update: My remaining posts this week are on women in tech. I will be back another week with thoughts on Tip # 7 – Threat-detection. Meanwhile, like or comment to let me know what you thought of this tip!

A glossary of terms is available here.

Once again, ensure you’re familiar with the disclaimer here!

Featured image by SHVETS production from Wave image from by DLKR

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: