Online Payment
image description

tech blogging > our corner of the web

tech blogging >

A Layered Security Approach to Keep Your Credentials Safe

Tuesday, July 12, 2016

Two-factor authentication, commonly abbreviated as 2FA, is a security verification process that requires an extra piece of information in addition to your username and password. Information security breaches are becoming more common, on both the business and personal side, making heightened security measures a necessity. 2FA helps ensure that you are the only one who can access your account or mobile device – even if someone might have your password. For example, if your account uses 2FA you may be asked to enter your username and password, and then you'll be sent a text message with a verification code. You'll need to enter that verification code before you're able to access your account. If a hacker were to obtain your account password, 2FA adds an additional level of security by sending a unique verification code to your phone. Without that code, the hacker hits a roadblock.

The required extra piece of information is called an identifier. The three different types of identifiers used in authentication are:
  • Something you know – password, pin number, pattern, etc.
  • Something you have – security token, FOB, SMS, bank card, access/key card, etc.
  • Something you are – fingerprint, retina, voice recognition, etc.

2FA requires the user to provide two out of three identifiers and it can be implemented with very little effort across a variety of applications. It’s similar to multi-factor authentication, which is when the user must provide a variety of identifiers – usually involving a unique characteristic to their existence – think biometrics. Multi-factor can also include both 2FA and non-2FA credentials.
Some commonly used 2FA’s are:
  • pattern + security token
  • pin number + bank card
  • password + SMS
  • fingerprint + pin number

Unfortunately, hackers and cyber-attacks are only going to become more prevalent which means users need to take a proactive approach against information threats. Additionally, the growing number of connected devices and business applications that are used every day is making users more susceptible to mobile threats. Using 2FA is effective in preventing security threats because there’s a greater chance that the hacker will not have both identifiers to access information.

Will using 2FA protect you against every information security threat? No. But, it will drastically lessen your chances of being hacked and it’s certainly preferred over not using any type of two-factor or multi-factor authentication. Using your password alone is just not enough - the days of irrationally thinking “my password won’t get comprised” or “my security approach is good enough” are gone. Hackers are not only going after large corporations, they can also be at the heart of a small business or even an individual, which can lead to irreversible consequences and damage. Not to mention, a significant amount of time and resources wasted.

You may have been exposed to the Two Factor Authentication concept when setting up your new Apple or Android device. Here are some quick links for enabling 2FA on your mobile device:
2-step verification on Android
2-step verification for Apple

If you have questions about information security or mobile security, don't hesitate to contact us. We offer a varying level of managed security packages that cover your entire network, all the way down to just your email or software. There are also options for anti-virus and malware protection, as well as disaster recovery, should an information security breach take place. 

Comments
Post has no comments.
Trackback Link
http://www.itrw.net/BlogRetrieve.aspx?BlogID=11506&PostID=1465375&A=Trackback
Trackbacks
Post has no trackbacks.