The Cybersecurity and Infrastructure Security Agency (CISA) on June 6 unveiled its latest cybersecurity public service campaign – aimed at trying to boost adoption of multifactor authentication (MFA) – coinciding with the opening of the RSA Conference in San Francisco, where agency leadership including Director Jen Easterly will be speaking this week.
The agency said the More Than a Password campaign is a collaborative undertaking with industry “to dramatically increase adoption of multi-factor authentication (MFA) and ensure widespread understanding of why it is one of the strongest tools to prevent cyber intrusions.”
The campaign also aims “to ensure that every American knows the simple steps they can take to keep themselves safe online, and to urge technology companies to make MFA available as a default option.”
The problem with using a single password over multiple accounts, CISA explained, is that criminals harvest a user’s password on one system, then they can likely use it to hack the user’s accounts on other systems. But using MFA, the agency said, dramatically cuts down on that “because even if one credential is compromised, unauthorized users will be challenged to meet the second authentication requirement, largely thwarting their ability to access the targeted device, network, or database.”
“Whether you call it multi-factor or two-factor authentication, this simple step can make you 99 percent less likely to get hacked,” Easterly said. “Think of it like an airbag or the seatbelt in your car—an extra layer to keep you safe in the event of an accident.”
“We need to get the word out that to stay safe online, every American needs to have More Than a Password on all their sensitive accounts,” she said. “And if you have an account that doesn’t offer an option for MFA, urge your provider to begin offering this essential security feature.”