How extra layers of 2FA can protect your digital data security systems and minimize future unauthorized data leaks.
If you operate in the digital space at all, as a consumer or as a business, you should be concerned about password security, and you should make it a habit to practice good password hygiene.
But is that enough — and how can two-factor authentication help?
Well, all five of the Tech Giants (Apple, Microsoft, Alphabet, Amazon, and Facebook) have changed their minds about two-factor authentication and have now started to mandate or “strongly encourage” this extra layer of security for their users.
It’s not easy to keep a password secure. User-created passwords are generally weak or repeated across multiple accounts; about 90% of passwords can be cracked in less than six hours. Two-factor authentication adds a second layer of protection to your password, so if someone gets your password, they still have another hoop to jump through.
How can I use two-factor authentication?
Here’s how it typically works: For starters, you enter your credentials — typically a username or email address and password. The service then automatically sends a request for another piece of information to confirm your identity before granting you access. If you’ve ever used a debit card at the ATM or paid for gas with a credit card at the pump, you’ve used 2FA by providing one form of account access (a card) along with another (your PIN or ZIP code).
Two-factor authentication (2FA) combines factors from two of these three categories:
- Something you know. This is some sort of knowledge and can include things like a PIN, answers to a security question or a password.
- Something you have. This is a physical object and can include things like an ID card, a phone authentication app, an SMS code sent to your phone or a security token.
- Something you are. This is biometric data and can include something like a fingerprint, face or retina scan.
The key to 2FA is that the two factors must be from different categories. You can’t have two factors from the same category.
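The flow and the different-categories rule described above, as an added example that is not part of the original article: a password check (something you know) followed by a time-based code from a phone authenticator app (something you have, computed per RFC 6238). The method names, the `login` helper and the sample account are assumptions constructed for illustration.

```python
import hashlib, hmac, struct

# Factor categories from the list above; the method names are assumptions.
CATEGORY = {"password": "know", "pin": "know", "security_question": "know",
            "totp_app": "have", "sms_code": "have", "fingerprint": "are"}

def is_two_factor(methods) -> bool:
    """True only if the methods span at least two different categories."""
    return len({CATEGORY[m] for m in methods}) >= 2

def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 code (HMAC-SHA1) for the 30-second window containing `now`."""
    mac = hmac.new(secret, struct.pack(">Q", int(now // step)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, slow password hash so a leaked database is costly to crack."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def login(user: dict, password: str, code: str, now: float) -> bool:
    # Step 1: something you know. Constant-time compare against the stored hash.
    ok_pw = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    # Step 2: something you have. Accept the adjacent windows to allow clock drift.
    ok_code = any(
        hmac.compare_digest(totp(user["totp_secret"], now + d * 30).encode(), code.encode())
        for d in (-1, 0, 1))
    # Both factors must pass; a stolen password alone is not enough.
    return ok_pw and ok_code

# Constructed sample account (the secret is the RFC 6238 test key).
SALT = b"constructed-salt"
USER = {"salt": SALT, "pw_hash": hash_password("correct horse", SALT),
        "totp_secret": b"12345678901234567890"}

if __name__ == "__main__":
    print(is_two_factor(["password", "security_question"]))  # same category
    print(is_two_factor(["password", "totp_app"]))           # different categories
    print(login(USER, "correct horse", totp(USER["totp_secret"], 59), 59))
```
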
2FA is like…
Need help visualizing this? Remember when you made your very first online login? With 2FA, just imagine that after you entered that password you now have to verify either something you know (security questions), or something you have (phone authentication app), or something you are (fingerprint, voice, face, etc.). One of our interns, who attends Boston University, uses Duo 2FA to access his online school coursework and just has to press a button on his phone whenever he wants to log in to his account. For him, “It’s as easy as looking at my phone and worth the extra step for more security.”
Although 2FA isn’t 100% foolproof — as nothing in cybersecurity is — it’s much better than only having a password.
Think of protecting your home from burglars — you can have a loud, scary dog to keep robbers out or you can have a home security system to keep them out. But, if you combine both the loud, scary dog and the home security system, that adds a lot more protection to your home.
Two-factor authentication is a lot like that. The point is to make you a less attractive target for hackers because they rarely target specific people — they find people who are easy to hack, those with weaker security. If their target is harder to crack, they’ll just move on to the next one.