Passwords have started to get weaker as a form of security. In the current climate of cyber awareness, there are more attacks and breaches than ever, making it even more important to use a good password.
We covered good password measures in a previous blog post here, however there are still millions of people who still use the same passwords for different accounts and platforms, as well as using information within the password which is super easy to come by like birthdays or names of family.
Cyber criminals have a variety of different social methods to attack accounts whose passwords area easy to guess. One of these methods is called ‘Phishing’, which is the act of impersonating someone else (usually of importance or relevance) over an email. Other methods that rely on tech rather than human incompetency can be just as devastating. For example, a brute force attack involves hackers being able to use technology to test millions of different password combinations each second.
The fact that passwords are no longer considered a sufficient security measure brings us onto two-factor authentication.
What is it?
Two factor authentication (2FA) is a method of security by adding an extra step into the login process of your online accounts. You’ll still have the enter a username and a password, but the next step will prompt you to complete a task which only you can access. It’s essentially just another way of double checking the person logging in is in fact you.
2FA works by getting you to complete an activity before being allowed into the account. The 3 main methods of verification are:
• A password, PIN or security question.
• A phone, credit card or SIM.
• Data such as your fingerprint or face.
Take Gmail for example. If you log in on a device which your email account isn’t familiar with, it will trigger a verification process. This is usually based on answering a security question or will send a PIN to your mobile phone number which you enter.
Another example is PayPal – you can set up your account so that each time you login it prompts a verification code sent on a text message to your mobile phone to use as a second authentication.
Why should I use 2FA?
Low Cost – most platforms like Google and Facebook already have the 2FA integrated into its security settings and provide the service for free. Bear in mind that not all companies offer this option for free though and may incur a small charge.
Easy to setup – As mentioned above, most companies make it really easy to turn on 2FA. Just head into security settings and hit the switch. You’ll usually get a verification measure come through straight away, then you’re ready to go!
Deterrent – If a hacker gets into your passworded account, they will hit the next wall. Unless they have access to your phone or other methods of verification specifically for you then they can’t access your device.
Is it secure?
Two factor authentication does increase your security by adding an extra barrier, however you can still be left vulnerable if your attacker knows what to look for. The human element of security is where this may fall down. Criminals still send phishing emails & can intercept your emails or messages if a bad link is clicked. This is very unlikely to happen, making 2 factor authentication a great way of keeping your data safe.
If you think that you would like to get two factor authentication set up amongst your workforce, ask us about what the best solution for you may be. We have also created posters to help keep your workforce educated about cyber security. If you would like a complete set of the posters delivered by Royal mail please fill out the contact form here and use the subject POSTERS.