Your IT Consultant

MFA Can Lock You Out of Your Own Accounts

June 22, 2020

Multi-factor authentication (MFA) is a must to protect unauthorized access to your accounts. You should turn on MFA for every service that you use, especially before someone else does it for you. As Krebs on Security reports, you can be locked out of your own account if someone else enables MFA before you do.

Krebs on Security details the events surrounding the hijacking of the Xbox account for the son of a career chief privacy officer. Trying to reclaim the account proved extremely difficult since MFA was tied to a different email account. That means you can't reset the account without control of the new email address. As Krebs on Security stated, "Certainly, not enabling MFA when it is offered is far more of a risk for people in the habit of reusing or recycling passwords across multiple sites. But any service to which you entrust sensitive information can get hacked, and enabling multi-factor authentication is a good hedge against having leaked or stolen credentials used to plunder your account."

Turn on MFA now while you still have control of your account. If someone else takes over your account and adds MFA to it, you're pretty much screwed.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com