• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

Terry Davis / September 23, 2022

MFA Fatigue…Yes, I’m Tired of Hearing About it!

By now, most of us have heard about MFA…which stands for Multi-Factor Authentication, NOT “MF* Aggravation.“
I am sure there are many users who have referred to it as such out of frustration for the extra 10 seconds (even though it may feel like hours) it takes out of their life to log in to their computer.
But MFA Fatigue is the reason we need to talk about it again.
“MFA Fatigue” is not exactly about your frustration with the time it takes to log in. It refers to a technique that cyber criminals use in their attack schemes.
There are several methods of MFA.
Push Notification sends you a notification to your phone whenever someone tries to log in to an account with your password. You then have to just click “yes, it’s me” to get in on your other device or “no, not me” to deny that access.
One-Time Password (OTP) is a code, usually 6 numbers, generated by an authenticator app on your phone which is tied to that account and will generate a new code for that account every 60 seconds.
Email or SMS is similar to the OTP, but it comes via email or text. It usually expires in a set amount of time (less than an hour).
A two-factor token is a physical device that generates an OTP or must be inserted into the computer.
The Push Notification is the tool cyber criminals use to exert MFA Fatigue.
Imagine it is late at night, and you are trying to sleep. You receive a message that says, “Did you try to log in from Frankfort, KY?” If you click no, then the criminal tries to log in again, and once again, you will receive the message. They continue to do this over and over and over until you finally are so aggravated and assume that it’s just a glitch that you will click “yes” so you can go back to sleep. No more fatigue. And no more security.
You are the gate that can keep the bad guys out or let them in. Keep it locked unless you know for sure. Once they’re in…it’s too late.
CYBER NEWS
Two-Factor Authentication Statistics: A Good Password is Not Enough
Two-Factor Authentication Statistics: A Good Password is Not Enough
Find out the latest two-factor authentication statistics and learn how to better protect your online accounts.
dataprot.net • Share
Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime
Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime
Domain shadowing is a special case of DNS hijacking where attackers stealthily create malicious subdomains under compromised domain names.
unit42.paloaltonetworks.com • Share
This huge DDoS attack was one of the longest ever recorded
This huge DDoS attack was one of the longest ever recorded
An unprecedented distributed denial of service (DDoS) attack saw over 25.3 billion requests being sent to a target.
www.digitaltrends.com • Share
Two-Fifths of US Consumers Suffer Personal Data Theft
Two-Fifths of US Consumers Suffer Personal Data Theft
Those suffering emotional and physical impact surges
www.infosecurity-magazine.com • Share
CYBER HUMOR

VOCABULARY WORD
OTP (One-Time Password/Pin): A type of multi-factor authentication (MFA) that is used to log in to a system/account once and expires. Unique OTP codes are required for each login of the system so that even if compromised, it cannot be re-used.
TWEET OF THE WEEK
Commonwealth Sentinel
Commonwealth Sentinel
@CwealthSentinel

Microsoft: Windows 10 21H1 reaches end of service in December https://t.co/Uvi4927AI6
9:33 AM – 17 Sep 2022

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT