Monday, February 04, 2013 Security Tips
|Is 2 Factor Authentication Enough?|
Related: Tips For Safe Online Shopping
It works in a simple enough manner: it uses dual factor authentication to strengthen the security blocks in a login process. Consider this: just introducing a second step in the login process could fortify the login process with an extra password: that's one extra layer of hacking/ breaking in/ stealing/ cracking/ phishing that counts! But it's not as simple as just adding an extra layer: two factor authentication takes security layering to a new level because it works on the principle that the second layer ought to be something that you have, are, know or are near. This is basically internet protection up several notches, and it's clear with the alarming number of hacks into top traffic websites, that we need it.
So how does this work? After you enter in the initial (Step 1) password, you may be either asked to:
- Enter in another password that you know (something you chose previously, got sent to you on your phone using the One Time Password format or generated for you on a key fob)
- Use an app or any other phone based software to generate real time passwords applicable to the website you are trying to access
- Speak or scan your fingers or eyes (using biometric data is the new level of authentication that could take a few years to bring to the mainstream)
- Allow the access mechanism to analyse for proximity, especially if hackers are traditionally known to hack from far-off remote locations.
Related: How to Keep Your Computer Safe From Thieves
The best part is that 2FA can be easily integrated with more layers or security to provide a more robust login infrastructure. Of course, this could make it inconvenient to users depending on the kind of protection that is really required, but some combination systems allow the introduction of reputation and attributes of the devices the user is using. Information about the login attempts (and any risk assessment) is shared with the customer and a database of cyber security experts who use this information to proactively handle security concerns. In fact, reputation managers can even expose associations between devices and users to show fraud rings that would have previously been "invisible" to the average customer.
Just as fraudsters will continually work to break through the tightest security nets, at this point, 2FA is the strongest and most easily accessible form of multi-layered cyber security net available to medium and large businesses. Some of these fraud rings are being used in permutations by criminals around the world who are fine tuning trojan code to get into infected computers and steal the information they find relevant. If you're looking for a way to up the security quotient on your website, now is the time to use two factor authentication. Any later, and you just may be too late!