Security breaches are becoming a growing issue for businesses of all sizes. It is a good time to consider how you secure your online presence. Using a password is the most common way to secure most of your digital accounts, while passwords have done a decent job in the past of protecting your accounts, as cybercriminals become more advanced, security experts are finding that you need to add more complex layers of protection. Passwords only provide a single barrier between your account and a hacker.
Two-factor authentication (2FA), also now as Multi-factor authentication (MFA), is a simple way to add a valuable extra layer of security to your accounts. What is MFA? To understand 2FA we'll first discuss the 3 classic authentication factors:
Something you know: these are passwords, PINs and lock screen patterns
Something you have: these are physical keys, electronic tokens, and SMS codes
Something you are: these are biometrics such as fingerprints, retinas and faces.
2FA works by requiring you to have 2 different layers of security before accessing your account. These could be a PIN (something you know) and a fingerprint scan (something you are), or a retina scan (something you are) followed by entering a code from a security token (something you have). Since passwords are traditionally used for most online accounts and services, they tend to be one of the factors still required in 2FA schemes. Because of this a 2FA system combining a password and the possession of another factor makes it difficult for hackers to access your account since they would most likely be missing one of the pieces of the puzzle.
Adding a step in the authentication process to access your accounts can be seen as a nuisance, the good news is once it is set up properly there is very minimal time associated with using 2FA. While it may cause a minor inconvenience, the security benefits far outweigh the cons.
There are a few ways that 2FA is commonly set up. A common way that many online accounts use is a one-time code that is generated on, or sent to, an authentication device (such as your cell phone) so you can input it together with your password. While this way is a great added step it is not the most secure way because there is a possibility that hackers could access your text message date and retrieve the code.
Another way to set up 2FA is by using an authenticator app. These apps continually generate codes that are valid for a limited period of time. By having these apps on your mobile device, a push is made to the app that you will have the opportunity to accept, thus in combination with your password, will allow for access to your accounts. With certain accounts you can create rules that only require 2FA when an account is being accessed outside of a certain geographical location. This is a benefit for companies that don't want to require employees to have a 2nd authentication factor every single time they access an account within the four walls of their physical location.