Authentication is the process of proving one’s identity when requesting access (logging in) to an IT system.
The most typical form of authentication is done using a username, which is uniquely associated with the end-user, and a password.
Despite its name, a password does not need to be an actual word but is rather a secret combination of letters, numbers and symbols. In fact, a non-dictionary word may be harder to guess, so it is ideal that passwords are lengthy, obscure, mixed in letters, numbers and symbols.
It is also good practice to:
- change a password routinely
- not reuse the same password to for different systems
- not to write your passwords down
- not to share your passwords with others
Secure password managers can also help users manage and remember multiple passwords.
Access control can be further strengthened using multi-factor authentication (MFA). Using MFA the username and password combination that is used for authentication is further validated by using an additional piece of information, such as a one-time code that is sent by SMS to the user’s phone or using biometric security measures such as fingerprint or face recognition.
MFA should be used whenever possible, but especially when it comes to protecting sensitive data.
As part of the Cyber Security Malta, Tech.mt collaborates with the Malta Information Technology Agency (MITA) and the Malta Digital Innovation Authority (MDIA) to deliver educational video episodes about Security in the Digital Economy towards a safer future.