Two Factor Authentication

Two Factor Authentication

September 5, 2019
Data breaches of companies large and small are on the rise. This is because critical business data and personally identifiable information is rather valuable to cybercriminals. This encourages criminals to target your passwords in an attempt to access your company’s protected information and systems. Luckily, there are standards and practices that can be put in place to mitigate the risk of a breach. Complex passwords, mandatory password changes and password managers can all assist in the fight against cybercriminals. But there is one tool that is highly recommended and significantly underutilized, two-factor authentication (2FA).

While 2FA may be an unfamiliar term, you are most likely using it every day. A good example of 2FA would be when using your ATM or debit card. Every time you are asked for your pin or zip code, you are providing a second type of authentication. 2FA is a combination of information used to verify your identity. These factors are usually a mixture of something you know, like a pin number or a password. Something you have, like your debit card or key card for an office door. Or something you are, like your fingerprint.

 

By implementing 2FA for your email address or system account, you add a significant layer to your overall security. The 2FA process usually works like this:

 

Step 1: Sign in using a username and password.

Nothing changes here. You would login like normal to your email or system account. You are then routed to a new page that prompts you for the second form of authentication.

 

 

 

Step 2: Provide a secondary form of identification/verification

One of the most popular types of 2FA utilizes an application that displays a code or sends you a text message with a unique identifier. Inputting this second bit of information logs you into your account.

In case of a password breach, the attacker would be unable to access your account since they do not have access to whatever is being used as the second factor.

Passwords have been and will continue to be the main form of authentication to access accounts and systems. But we know passwords are far from impervious to attack. If you are not using two-factor authentication in your environment, you are leaving your business at risk of a breach. If you are interested in implementing 2FA for your environment, give us a call today.