Cyberattacks are on the rise. Tech Republic notes that malware makers are leveraging more ransomware to steal user data, and in most cases it takes only a few minutes to breach desktops or mobile devices. Many companies now leverage the benefits of two-factor authentication (2FA) to reduce the chance of corporate compromise. Biometric Update reveals that 93 percent of companies use 2FA to secure at least one critical application. For individual users, meanwhile, it often seems like too much trouble to implement another security solution—aren’t complex passwords good enough?
So what exactly is 2FA, and how does it help protect your data?
The password problem
Usernames and carefully chosen passwords are the best way to safeguard email accounts and mobile devices, right? Not really. According to Time, users have a habit of picking easy-to-remember passwords that are also incredibly easy for hackers to guess. Among the worst passwords for 2017 were “Password,” “123456” and “starwars.” Passwords are often used across multiple accounts, making it possible for attackers to compromise one after the other in quick succession.
While some tech experts have suggested that the password is “dead” and should be abandoned as a security tool, its familiarity and simplicity make it a critical part of the security landscape. That’s where two-factor authentication comes in handy.
Two-factor authentication can be broken down into two categories: something you have and something you know. Credit cards are a perfect example. The first factor is your credit card, something you have. The second factor is your PIN, something you know. Combining the two significantly reduces the chance of someone using your card without your permission.
CNet indicates that the biggest benefit here is that even if hackers manage to figure out your username and password, they can’t access the two-factor authentication. This, in turn, keeps them out of your accounts. Additionally, many services will notify users if 2FA data is entered incorrectly or if attackers attempt to circumvent this protection.
The benefits of two-factor authentication
For users, the biggest concern about two-step verification is its complexity. Will implementing two-factor controls make it more difficult to access accounts? Will the process take longer? As noted by Wired, popular myths about 2FA include the idea that leveraging this solution on a single device isn’t possible, that users must possess at least two mobile devices to make this feasible. In reality, implementing two-factor authentication for popular services isn’t difficult at all.
What happens if you don’t use 2FA? Account takeover attacks are becoming more popular as users choose to store personal information online, access financial services and make high-value purchases. If attackers can guess your password or compromise your account, you could face everything from identity theft to credit card fraud.
Companies are using two-step verification for good reason—it works. Passwords are no longer enough on their own, and even complex passwords won’t stop determined hackers. Adopting a second “factor” for security reduces the chance of compromise with minimal impact on ease-of-use. The benefits of two-factor authentication far outweigh the minor inconvenience of app downloads and SMS codes.
Article provided by: ADT
Does your business use 2 factor verification?
Are you up to date on what practical security measures should be in place at your business?
Contact EasyIT about setting up 2FA for your organization!
I enjoy working with some of the most talented and brilliant technical professionals in Columbus. I have the opportunity to let business owners focus on running their business, while EasyIT handles all of the network and infrastructure support. We provide IT Outsourcing and Co-sourcing agreements that let our clients rest assured that their data is secure, backed up, and their users always have a reliable and speedy help desk to call. Our virtual CTO services allow organizations to have guidance and advice from EasyIT’s CEO, Kurt Hoeft, without having him on their staff or payroll.