CyberHoot recommends clients enable MFA for administrator logins.
CyberHoot supports three methods of accomplishing MFA.
#1 Authenticator Applications: Watch the short video below for a quick, 1-minute walkthrough on how to set up your authenticator app for secure access to CyberHoot. Any Authenticator app can be used including Google Authenticator and Microsoft Authenticator. There are others and they work the same way. This is the recommended and most secure form of MFA supported by CyberHoot.
#2 Email: If you take no action after registering as an Administrator, your Multi-Factor Authentication (MFA) code will be sent to you via email each time you log in with your email address and password. While this method is generally considered safe, it’s not as secure as using an Authenticator App—though it does offer greater security than SMS-based MFA. If email and authenticator apps aren’t viable options for you, SMS is available as a fallback.
#3 SMS: NIST has deprecated the use of SMS-based Multi-Factor Authentication (MFA) due to its lower security compared to other methods. Although CyberHoot can send you an authentication code via SMS if you enroll your mobile device, this approach should be avoided when possible. While it may seem convenient, SMS-based MFA is vulnerable to threats such as SIM swapping, number porting, and interception.
Now that you know which methods of MFA we support, let’s learn how to set this up.
Step #1: Log in for the first time. You will be emailed an MFA code to input. This is enabled by default for all new administrators.
Step #2: Click on your Name in the Top Right corner once authenticated the first time.
Step #3: Under your account settings, select the form of MFA you wish to use (SMS, Email, OR Authenticator App) and follow the enrollment process.
You’re done. The next time you login this preference will be followed.
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Spoiler alert: If you’re still using “password123” or “iloveyou” for your login… it’s time for an...
Read more
CyberHoot June Newsletter: Stay Informed, Stay Secure Welcome to the June edition of CyberHoot’s newsletter,...
Read more
Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
