Multi-factor Authentication: Simple Explanation For My 5 Year Old Niece

This is the third blog on my series of “A Simple Explanation for My 5 Year Old Niece.” Please check my other two blogs  Cloud Access Security Broker (CASB) Model: A Simple Explanation for My 5 Year Old Niece  and Secure Password Management: A Simple Explanation for My 5 Year Old Niece for the complete story about my explantations to my niece, Sophia.

It all started when my niece asked what I did. To answer her, I asked her to select three words from many words written on my whiteboard. Word pick number three was “MFA.”

MFA multi factor authentication

So here is how it went. I began by telling my niece,

“Sophia, do you remember how we talked the other day about the importance of keeping our belongings safe? Well, today I want to talk to you about Multi-factor authentication (MFA). What this means is that we need to have more than one layer of security to access our home in order to feel more safe in it. Like, when you drive home with your mom from school in the afternoon, and when you get to your neighborhood, you know how your mom rolls down the window and gets an electronic card from her sun visor and places it in front of a black box until a green light comes on?  And then you see a gate open slowly?” 

Sophia replied, “Yes!, I see my mom doing this every time we get to our neighborhood!” 

So I continued,

“That’s right Sophia. Now that we went through one level of security to get to our home, we go into a second level of security, which is when your mom uses the remote control to open your garage door — this remote control is kept safe in the car so only she can use it. Now what else does your mom do to get in the house after you get out of the car,” I asked. 

Sophia answered, “I know! She uses her key to open the door to get into the house!”

“That’s absolutely right,” I said. “Now you know how your mom has to go through the car pool line at your school while you wait with your teacher? Well, they only let you go with her because she says her full name, then yours and shows her license plate. Your school is now using three different ways to identify your mom to let you go home with her.”

Sophia exclaims, “Wow, I always wondered why they didn’t just let me run to my mom’s car by myself!”

I explained the reasoning for that is to keep Sophia as safe as possible, so not just anyone can drive up and take her from school. 

I then explained the reason this multi-step security was needed.

“Sophia, do you know why it would be bad for your teachers to have all your information written down on a piece of paper that she’s holding?”

“Why?”

“Well, imagine if someone really bad were to walk up and steal it from her hands, then he or she would have information that only your mom and dad should know! There needs to be a safer way to keep the information. That’s why it’s better to have a knowledge factor (memorize the information), rather than have it written down for anyone to see.” I then asked Sophia, “What else do you think would help protect you better?” 

“How about looking at my hair or brown eyes!”

My niece was getting the gist of MFA basics, so I told her,

“That’s exactly right, Sophia. That is something called an “Inherence factor,” something unique to you, like your fingerprint! Now, Sophia, do you think this is better than just letting you wander off by yourself to your mom’s car in the car pool line?” I asked.

“It’s easier!” she answered.

“You’re right, and that’s the problem with companies that think it costs too much money or is too hard to implement, but MFA is actually worth the hassle, it will keep you and your parents safer.” I explained.

After our conversations, I have the sense that Sofia is more confident in what I do and what I evangelize to the technology industry. We all know passwords are not enough and that we should all use second methods of authenticating to password protected systems. Well, at least little Sophia knows now.

For more information on multi-factor authentication, please watch our MFA Everywhere webinar.