Two-Factor Authentication, the Future of Online Security
Not too long ago, a family in Mississippi installed a Ring camera in their daughter's bedroom to give them an extra pair of eyes, but they got more than they bargained for. Hackers gained access to the cameras, and they were streaming their daughter's activities. Frightening, right?
While smart devices are a welcome development, they are vulnerable to hackers. Bummer. But there is a silver lining in the name of 2-factor authentication.
What is 2-Factor Authentication?
Think of it as a second lock on a door. Also known as two step-verification, 2-factor authentication is a security process where one has to provide two authentication factors as proof of identity.
Two-step authentication adds another layer of protection, making it difficult for attackers to gain access to your devices or accounts. Yes, 2-FA would have come in handy for the family above.
But how vital is 2-factor authentication?
For the longest time now, we have been using passwords, and they have been enough to keep prying eyes out of our accounts. Now, though, you need an extra layer of protection. Here are some numbers for you; I believe we all love numbers.
65% of employees passwords can be hacked in 6-hours, and cyber-attackers now have the power to test millions of passwords in seconds. By and large, passwords are not infallible.
Also, answers to security questions have never been easier to find out. All our information is available online, and that includes the answers to most basic security questions such as the year of your graduation, or the name of your elementary school.
This is where 2-FA comes in handy. Whereas hackers can get your passwords, they cannot beat the security beast that is the second authentication. It is not foolproof, but it does reduce the chances of success.
So, what are your options?
Types of 2-Factor Authentication
Here are the various types and how you can set them up.
1. SMS Verification
SMS-verification is perhaps the most common type of 2-FA. You get a one-time password on your phone, which only works for that session. Also, it can be time-limited, meaning it can expire after a few minutes if not used. Don't worry, all you have to do is request a new code.
You see, a hacker has to have your password and access your messages to gain access. SMS-verification is also convenient as you do not need anything special.
You can also set up your accounts or devices to work with app-generated one-time codes. The most common apps are Authy and Google Authenticator. We recommend Authy as it does what Google Authenticator does, and then some.
The apps generate a different code every 60-seconds, and you have to use it within that period to access your account. App-verification is better than SMS in that it does not need a cellular signal.
3. Physical Authentication Keys
Using physical keys can be a bit overboard for individual accounts, but a worthwhile investment for organizations with sensitive information to protect. The key is simply a small USB that you have to insert into a new computer and press a button.
It cannot be intercepted, and thus safer than SMS and app-verification. Expect to see more of these physical authentication keys.
Though 2-FA is not foolproof, it does reduce the chances of attack; and other than protecting your smart devices, here are other areas where they are a must-have.
- Online banking and shopping.
- Cloud storage accounts and email
- Communication and productivity apps such as Trello and Skype.
The thought of hackers accessing one's accounts is terrifying. But these services and devices are part of our lives now, and the only way to remain safe is working with 2-factor authentication. And if you need help setting up, feel free to contact the Brainiacs. Plus, you can even go and see a Brainiac in person at our new Tech Hubs, no Buckeye account needed.