There is no part of our lives these days that doesn’t travel through technology in some way. We bank online, store photos, send emails, text messages, and even store more sensitive data such as credit cards, passwords, and license details. With our lives being lived more and more online, it is vital that we do everything we can to protect ourselves.
Whereas it was once enough to use only a password to access our accounts and information, this outdated system has now fallen prey to cybercriminals and is perceived as relatively easy to break. But there is a solution – and one you should be using: Two-Factor Authentication, also called 2FA or multifactor authentication. So, what exactly is it, and why do you need it?
Essentially, two-factor authentication is an additional layer of security used to protect your sensitive data and accounts from being easily accessible to threat actors. It allows the system you are trying to access to verify your identity even further before giving you access.
Two-Factor Authentication often, but not always (see the details of how 2FA works below), combines a traditional password with an additional piece of information before granting you access to the account. The second piece of information generally comes from one of the following categories:
- Something you know: this could be a personal identification number (PIN), password, or the answers to a series of secret questions – all of which are likely to be known only by you.
- Something you have: this is something physical which you can use to prove your identity, for instance, a phone, a credit card, or a smart token.
- Something you are: this is a more advanced addition to the list but one that is being used more and more, especially by government agencies, as it is less likely to be easily falsified. It uses your biometric data, including fingerprints, iris scans, and even voiceprints, to help identify you.
If either of the two steps cannot be verified, the system will deny access. This multilayered security requirement means that if you lose your phone or wallet, it is still highly unlikely that your accounts can be unlawfully accessed, because whoever finds it will also need an additional piece of information that they most likely won’t have.
How does 2FA actually work?
As mentioned, 2FA works based on the traditional username/password model, whereby the website or application prompts the user to enter the information they know, so the server can recognize the user. Upon recognition, the site will then prompt the user to initiate the second step to complete the login. For instance, if you have elected your phone as being the medium through which you further identify yourself, the site will send a one-time code to your phone number which you will have to enter to prove the phone is in your possession and that you are who you say you are. It is only after the second piece of information has been verified and accepted by the site that you will gain access to the account.
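The two-step login described above, written out in Python as an added example; it is not code from this article or from any particular site. The class name `TwoStepLogin`, the `send_code` callback standing in for an SMS gateway, and the five-minute code lifetime and three-guess limit are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300      # assumed lifetime of a one-time code, in seconds
MAX_ATTEMPTS = 3    # assumed number of wrong guesses allowed per code

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class TwoStepLogin:
    def __init__(self, send_code):
        self.users = {}             # username -> (salt, password hash, phone)
        self.pending = {}           # username -> [code, expiry, guesses left]
        self.send_code = send_code  # callable(phone, code); SMS gateway stand-in

    def register(self, username, password, phone):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, hash_password(password, salt), phone)

    def step_one(self, username, password):
        """Something you know: check the password, then send a one-time code."""
        user = self.users.get(username)
        if user is None:
            return False
        salt, stored, phone = user
        if not hmac.compare_digest(stored, hash_password(password, salt)):
            return False
        code = f"{secrets.randbelow(10**6):06d}"   # 6 digits from a CSPRNG
        self.pending[username] = [code, time.time() + CODE_TTL, MAX_ATTEMPTS]
        self.send_code(phone, code)
        return True

    def step_two(self, username, code, now=None):
        """Something you have: accept the code only if fresh, unused and correct."""
        entry = self.pending.get(username)
        if entry is None:                  # no password step completed yet
            return False
        expected, expiry, guesses = entry
        now = time.time() if now is None else now
        if now > expiry or guesses <= 0:   # expired or too many wrong guesses
            del self.pending[username]
            return False
        if hmac.compare_digest(expected.encode(), code.encode()):
            del self.pending[username]     # single use: a replayed code fails
            return True
        entry[2] -= 1                      # count the wrong guess
        return False
```

Access is granted only when `step_two` returns `True`, and a code that has expired, been used once, or been guessed wrong three times is rejected even if it is later entered correctly.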
How secure is it?
The implementation of 2FA is definitely more secure than the old username/password model, but it is good to keep in mind that the security provided is only as strong as its weakest link. This was shown in 2011, when RSA Security admitted that their SecurID tokens had been hacked, meaning the 2FA systems which used them had been compromised. There have also been issues with SMS-based 2FA and the account recovery process, but despite these issues, 2FA undoubtedly provides a higher level of security than any other system available so far.
As a user, though, there are still actions you can take to ensure you remain as protected as possible while online. If you would like to know more about enhancing your business’s online security, get in touch with the team at Solzorro today to discuss your options.