It's one thing for tech companies to urge users to enable multi- or two-factor authentication, but now the White House is urging all US organizations to do it because of potential cyberattacks ahead.
Two-factor or multi-factor authentication (MFA) was a concept that needed to be explained carefully to the public a few years ago. It's an approach to cybersecurity that requires users to sign in to an account with something they physically posses, such as a phone.
Most companies don't use it, even when it's readily available, according to previously reported data from Microsoft, because they prioritize easy access to information over security.
SEE:Cybersecurity: Let's get tactical(ZDNet special report)
But with the Russian invasion of Ukraine happening now, the US government has now told all organizations that MFA is a must.
"Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system," the White House has warned.
The message comes as the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) ramp up warnings about Russian hacking of everything from online accounts to satellite broadband networks. CISA's current campaign is called Shields Up, which urges all organizations to patch immediately and secure network boundaries.
President Biden said the warnings around improving tech security were "based on evolving intelligence that the Russian government is exploring options for potential cyberattacks."
CISA has led most of the US's efforts and has the authority to require critical infrastructure owners and operators to report ransomware and other incidents within 24 hours. The White House, however, has now urged all organizations, even those that are not considered critical infrastructure, to beef up their defenses.
"We accelerated our work in November of last year as Russian President Vladimir Putin escalated his aggression ahead of his further invasion of Ukraine," the White House said in a statement. "The US government will continue our efforts to provide resources and tools to the private sector, including via CISA's Shields-Up campaign."
SEE:How Russia's invasion of Ukraine threatens the IT industry
It's rare for the leader of any country to urge everyone to step up cybersecurity defenses. Biden has used executive orders to compel federal agencies to patch software, but the new message urges the private sector to do the same.
Beyond the use of multi-factor authentication, the White House also urged companies to take seven other steps: