As passwords are no longer seen to be fully secure, it’s time to add two-factor authentication
The default for all User logons whether local or remote has always been reliant upon the humble password. In the past this was considered “good enough” security. However, staying connected in the modern world to conduct our business today, a password is known to be the weakest link.
Stockport IT Specialists Amshire explain more:
All too often there are reports in the media about passwords being stolen, either electronically or by social engineering techniques. Viruses and malicious code play their part in trying to obtain Users’ passwords. The biggest concern here is how do you know if your password has indeed been compromised? Your security logs will show that a successful logon occurred, but can you really prove who was behind the login? To put this into perspective, passwords are under attack!
Therefore, it’s more important than ever to find more secure ways to protect your personal data especially with sophisticated threats surfacing daily and ready to prey on those that have easy to guess passwords.
Implementing two-factor authentication to keep your accounts as secure as possible, means going through a two-step process to login to accounts. This may seem unnecessary but the effort is a far better option than giving hackers/criminals the keys to your digital data.
Two-factor authentication has been around for a while now and is a practical way to add further security to the User logon sequence.
Also known as multi-factor authentication, two-factor authentication is a process of confirming your identity twice before access is granted to an account and/or service.
Authentication falls into 3 categories:
- Knowledge factors – something the person as to remember such as a PIN or password
- Possession factors – a secondary device such as a key fob, card reader or smartphone
- Inherent factors – a person’s biometrics like a fingerprint, iris or retina scanning or voice recognition
Two-factor authentication is a combination of any two of the above three ways.
How does two-factor authentication work?
Two-factor authentication uses a second device that acts as a buffer between a service and login attempt. This can be anything from a secondary device such as a key fob, card reader or smartphone with the idea being that the owner of the associated device is able to provide additional information required to sign in.
The security check appears after a User has input their username and password. A system will first validate that the account exists, then prompt the User to perform an additional action. If the additional action is performed correctly, access is given to the account. Whilst it can be the slowest part of signing in, it is an effective way of preventing those trying to brute force their way into an account.
Is two-factor authentication safe?
Despite the benefits it offers, it is worth noting that multi-factor authentication is not 100% secure.
Whilst two-factor authentication may not be quite what it was expected to be, it must be remembered that it is still an important area of security and access control to keep in mind. The more hurdles you can put in the hackers’ way, the less likely they are to target you.
Thanks to Amshire for sharing their Expert Opinion