Two-Factor Authentication: What is it and Why Should Your Organization Be Using it?
Did you know you regularly use two-factor authentication (TFA)? When you swipe your debit card and enter your PIN code or write a check and are asked to show your ID. Each is a form of two-factor authentication. Two-factor authentication requires two ways to prove your identity and can be used to protect your organization’s online accounts. Organizations can no longer depend on passwords alone to protect their systems and data. TFA add an extra step and an extra layer of protection to your accounts.
What is Two-Factor Authentication?
Two-factor authentication provides an additional layer of security when using login credentials online. TFA verifies your identity when you log into a website by requiring you to both know something and have something. You need to KNOW your user name and password or PIN and you need to HAVE a mobile device (you can also use a USB dongle or other device that can generate one-time codes). The idea is to add an additional step in the process that greatly decreases the likelihood of a breach.
How Does Two-Factor Authentication work?
After entering your password (the authentication factor) the second factor usually arrives via a SMS message. You will receive a text with a code that you’ll then enter to log into your account. Your TFA code can only be used one time; each time you log into that account you’ll be sent a new unique code.
Another option is to use an authentication app to receive codes rather than having them texted via SMS. A few popular authentication apps are Google Authenticator, Authy and DuoMobile.
If you have the choice between an app or SMS code, the dedicated app is a more secure option. A hacker could intercept a text message or hijack your phone number by convincing your carrier to transfer it to another device. An authentication app does not need to rely on your carrier. Codes expire quickly when sent to the app and a hacker cannot intercept the message. Authentication apps also work without any cell service, which could come in handy.
Why should my Organization Be Using Two-Factor Authentication?
Some organizations are hesitant to use two-factor authentication for fear that it will complicate the login process and confuse employees ultimately slowing down workflow. A recent study suggests that 25% of employees admit to using the same password for all of their accounts, at home and work. It has also been discovered that a hacker’s preferred way to break into enterprise systems is with stolen account credentials.
Even strong passwords can and have been hacked. TFA adds an additional layer of protection making it much more difficult for hacker’s to gain access to vulnerable accounts. With the amount of data and information that employees store personally and professionally in online accounts it makes sense to add every layer of security that is possible. Just imagine someone getting access to all of your company’s stored data.
Sure, it can be a bit annoying to add another step in the log in process for various accounts and apps but at the end of the day the pros far outweigh the cons. For many accounts TFA hardens cyber security and enables enterprises to safely use advanced login options such as single sign-on.
Is TFA a perfect solution? No, but no security product can claim to offer foolproof protection. With that said, TFA DOES make it harder to get into an account and makes a hacker work much harder to get your information, making your accounts more difficult to attack and less attractive targets. Are you ready to add TFA to your accounts? We can help! Contact us today for more information on how TFA can help protect your online accounts.