To keep your business’ network and infrastructure secure, you need to adhere to solid password practices. That includes not using the same password across different sites, using password managers when possible, and choosing passwords that are unique, but memorable. One of the most useful technologies used to secure accounts is two-factor authentication (2FA). Let’s take a look at how to incorporate 2FA into your security strategy.
When you commit to using a password management tool, it can make it much easier to securely get into your accounts, especially since there are settings inside of the password manager that will remember specific devices. If you put a 2FA platform in place, you click on the account you want to sign in to, and instead of going straight to the site, you are taken to an interface where you are asked for a code. You can either use an authentication app or receive the code you need via SMS or email. Some sites will use a reCAPTCHA tool, where you have to confirm that you aren’t a computer. Regardless, more and more sites, apps, and services are looking for end users to use more secure means of authentication in order to gain access to websites and information.
As mentioned above, you’ve probably seen 2FA in action. Secure sites like your bank or credit card will have it as a default to ensure that it is, in fact, you accessing the secure information. Sites like Google and Facebook have options that allow users to put 2FA into practice. It really is a much more secure way to protect important information and applications than just having a password in place.
By definition, two-factor (or multi-factor) authentication is an authentication method where a user is granted access only after successfully presenting two pieces of evidence to an authentication mechanism: knowledge and possession.
Knowledge: This is your password. You’ve memorized it or stored it securely in a password manager. The idea is that only you know it or have access to that information. In events where you don’t know your password, some sites might also accept your full email address or phone number in order to reset your password.
Possession: This is something that you own and almost always have in your possession. This is typically your smartphone, but other methods might have you carrying around a USB thumb drive or an electronic key that generates a random number.
The instantaneous code that is sent provides one more feature. It acts as an informant. If somebody were to log into one of my accounts with my password, I would find out instantly. Even then, they wouldn’t be able to get the PIN from my text message or authenticator app to finish the login process. This tells me I should change my password immediately, but otherwise my account should be safe.
Just because you’ve chosen to use two-factor authentication doesn’t automatically mean you are completely protected. After all, the systems, while behind two layers of security instead of one, can still be accessed if credentials are available. In fact, there have been plenty of high-profile attacks where 2FA was enabled and hackers still gained access.
You need to ensure that you use strong password practices and keep other people from gaining access to your authentication information. That includes using an individual password for each account so that if one password were to become compromised, the others wouldn’t follow suit.
Recently, we saw the launch of Disney+, and it was reported that several thousand users had their brand-new accounts hijacked within hours of the launch of the service. This wasn’t because Disney was hacked, of course. It was because hackers simply attempted to log in and steal accounts using emails and passwords that they already had from some other data breach.
Phishing attacks are plaguing millions of inboxes every single day. These attacks replicate the website they are impersonating, complete with a realistic login screen. Users are tricked into going there and filling in their information, and the credentials are sent directly to the cybercriminals.
Two-factor authentication may not be the be-all, end-all to keeping your network-attached resources secure, but it does put one more step between you and the cybercriminal. For more information about how you can use 2FA, call our technicians today at (403) 210-2927.