Article tags

Estimated reading time is 5 minutes.

Email is a fundamental part of everyday life, so protecting your email account from being compromised by a cybercriminal must be a priority.

What is MFA?

MFA is an added layer of security designed to confirm your identity when logging into an online service or account. This helps protect your accounts from being compromised by cyber criminals. MFA requires that you enter additional information to gain access to your account. It’s also referred to as ‘two-factor authentication’ or ‘2FA’.

Why MFA is important

Using MFA makes it harder for cyber criminals to break into your account than if you only use a password. With MFA turned on, if your account is compromised and the criminal has your password, they will need to enter additional information that only you can provide.

Online accounts such as banking, social media and email can contain a lot of valuable information about you. Information that could be accessed includes:

  • Personal identifiable information
  • Banking details
  • Employment details
  • Information from government agencies such as Medicare or myGov
  • Personal photos and messages.

If a cyber-criminal gained access to any of your accounts, they could:

  • Sell your data on the black market. This could include credit card numbers, names, addresses, emails, date of birth and so on.
  • Gain access to social media accounts by resetting your password.
  • Send phishing emails to your contact list. These could trick your friends and family to give out personal information or install malware onto their devices.
  • Send fraudulent email requests for payment. Learn how to avoid email scams.

Different types of authentication

One-factor authentication

One-factor authentication is something that only you know, like your password or PIN. Systems that use one-factor authentication only require a username (such as an email address) and a password to access them.

Two-factor Authentication

Two-factor authentication is something you know (password), plus something you have. Systems that use two-factor authentication require a username and a password, plus a one-time password or code (sent to your mobile phone, for example) to access them.

Three-factor Authentication

Three-factor authentication is something you know, plus something you have, plus something you are (a biometric input, such as a fingerprint scan to unlock your phone). Systems that use three-factor authentication require a username and a password, a one-time password or code, and some other unique biometric that identifies you.

How to set up MFA on your accounts

Below are some of the common ways to set up MFA on your accounts.

Set up MFA on Office 365

You can set up MFA on your Office 365 in the Admin centre. This will generate a phone call, text message or an in-app notification to verify your identity. Find out how to set one up on Microsoft’s step-by-step guide.

Set up MFA on Apple devices

You can enable MFA on your iOS and macOS devices. For more information and instructions, visit Apple’s guide on MFA.

Set up MFA for other accounts

To help you set up MFA for other accounts such as social media or Gmail, the Australian Cyber Security Centre has a list of helpful guides to assist you in improving your online protection.

Helpful resources

Handy tips for secure online shopping and banking

Stay in control of who accesses your information when browsing online with these simple tips.

How to keep your identity safe online

Your identity is your most valuable asset. Protect it. Your freedom depends on it.

Help your friends and family date safely online

Online romance scams are on the rise, know the signs.