Tech Time Warp: Is MFA the brainchild of a digital pirate?
In conjunction with the 20th anniversary of Cybersecurity Awareness Month, organizers have introduced a new evergreen theme: “Secure Our World.” Designed for year-round use, the theme encourages adoption of now-widely available security measures such as multi-factor authentication (MFA). Let’s get into this week’s Tech Time Warp.
MFA keeps technology and online accounts secure by requiring users to authenticate their identity in two or more ways in order to log in to a system. For instance, you might be required to enter your password and a time-limited unique code delivered via text, email, or a dedicated authentication app. Or you might need to provide biometric data through facial recognition or a fingerprint. Either way, the human brain is required to complete the multi-step login process, preventing brute force attacks. (This might seem like a pain, but hey, it’s not as annoying as a bot-blocking captcha!)
The curious component of MFA is its history, which involves one of the world’s most infamous digital pirates. While it’s true that RSA received a patent in September 1983 for its encryption algorithm, which required the use of a public key and a private key, and that in 1998, AT&T received a patent for a system involving an automated transaction alert and subsequent customer confirmation, the individual who claims to have invented MFA is Kim Dotcom.
That’s the same Kim Dotcom who founded the piracy website MegaUpload, which once accounted for an estimated 4% of all global web traffic. The site enabled easy cloud sharing of large files, such as pirated movies. Dotcom has been hanging out in New Zealand for more than a decade to avoid extradition to the U.S.
In May 2013, Dotcom claimed credit for MFA in a tweet: “Big reveal: 1billion+ Two-Step-Authentications on the Internet weekly. I invented it. Here’s proof.” In his tweet, he linked to a patent he received in 2000 under the name Kim Schmitz. That was two years after AT&T’s patent—but that didn’t stop Dotcom from suggesting the Silicon Valley giants relying on his two-factor authentication method should help pay his estimated $50 million in legal bills. So far no one has bought into this argument, however, and Dotcom’s MegaUpload teammates Mathias Ortman and Bram van der Kolk have given up and entered a plea deal to serve sentences in New Zealand.
Did you enjoy this installation of SmarterMSP’s Tech Time Warp? Check out others here.
Photo: tete_escape / Shutterstock