Before addressing the question ‘what is two-factor authentication’ or ‘what is 2FA,’ let’s consider why it’s important to do everything you can to improve your online account security. With so much of our lives happening on mobile devices and laptops, it’s no wonder our digital accounts have become a magnet for criminals. Malicious attacks against governments, companies, and individuals are more and more common. And there are no signs that the hacks, data breaches, and other forms of cybercrime are slowing down!
Luckily, it’s easy for businesses to add an extra level of protection to user accounts in the form of two-factor authentication, also commonly referred to as 2FA.
In recent years, we’ve witnessed a massive increase in the number of websites losing personal data of their users. And as cybercrime gets more sophisticated, companies find their old security systems are no match for modern threats and attacks. Sometimes it’s simple human error that has left them exposed. And it’s not just user trust that can be damaged. All types of organizations—global companies, small businesses, start-ups, and even non-profits—can suffer severe financial and reputational loss.
For consumers, the after-effects of a targeted hack or identity theft can be devastating. Stolen credentials are used to secure fake credit cards and fund shopping sprees, which can damage a victim’s credit rating. And entire bank and cryptocurrency accounts can be drained overnight. A recent study revealed that in 2016 over $16 billion was taken from 15.4 million U.S. consumers. Even more incredible, identity thieves stole over $107 billion in the past six years alone.
Online sites and apps must offer tighter security. And, whenever possible, consumers should get in the habit of protecting themselves with something stronger than just a password. For many, that extra level of security is two-factor authentication.
How and when did passwords get so vulnerable? Back in 1961, the Massachusetts Institute of Technology developed the Compatible Time-Sharing System (CTSS). To make sure everyone had an equal chance to use the computer, MIT required all students to log in with a secure password. Soon enough, students figured out that they could hack the system, print out the passwords, and hog more computer time.
Despite this, and the fact that there are much more secure alternatives, usernames and passwords remain the most common form of user authentication. The general rule of thumb is that a password should be something only you know while being difficult for anyone else to guess. And while using passwords is better than having no protection at all, they’re not foolproof. Here’s why:
2FA is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. First, a user will enter their username and a password. Then, instead of immediately gaining access, they will be required to provide another piece of information. This second factor could come from one of the following categories:
With 2FA, a potential compromise of just one of these factors won’t unlock the account. So, even if your password is stolen or your phone is lost, it is highly unlikely that someone else will also have your second-factor information. Looking at it from another angle, if a consumer uses 2FA correctly, websites and apps can be more confident of the user’s identity, and unlock the account.
If a site you use only requires a password to get in and doesn’t offer 2FA, there’s a good chance that it will eventually be hacked. That doesn’t mean that all 2FA is the same. Several types of two-factor authentication are in use today; some may be stronger or more complex than others, but all offer better protection than passwords alone. Let’s look at the most common forms of 2FA.
Probably the oldest form of 2FA, hardware tokens are small, like a key fob, and produce a new numeric code every 30 seconds. When a user tries to access an account, they glance at the device and enter the displayed 2FA code back into the site or app. Other versions of hardware tokens automatically transfer the 2FA code when plugged into a computer’s USB port.
They’ve got several downsides, however. For businesses, distributing these units is costly. And users find their size makes them easy to lose or misplace. Most importantly, they are not entirely safe from being hacked.
SMS-based 2FA interacts directly with a user’s phone. After receiving a username and password, the site sends the user a unique one-time passcode (OTP) via text message. Like the hardware token process, a user must then enter the OTP back into the application before getting access. Similarly, voice-based 2FA automatically dials a user and verbally delivers the 2FA code. While not common, it’s still used in countries where smartphones are expensive, or where cell service is poor.
For a low-risk online activity, authentication by text or voice may be all you need. But for websites that store your personal information — like utility companies, banks, or email accounts — this level of 2FA may not be secure enough. SMS is considered to be the least secure way to authenticate users. Because of this, many companies are upgrading their security by moving beyond SMS-based 2FA.
The most popular form of two-factor authentication (and a preferred alternative to SMS and voice) uses a software-generated time-based, one-time passcode (also called TOTP, or “soft-token”).
First, a user must download and install a free 2FA app on their smartphone or desktop. They can then use the app with any site that supports this type of authentication. At sign-in, the user first enters a username and password, and then, when prompted, they enter the code shown on the app. Like hardware tokens, the soft-token is typically valid for less than a minute. And because the code is generated and displayed on the same device, soft-tokens remove the chance of hacker interception. That’s a big concern with SMS or voice delivery methods.
Best of all, since app-based 2FA solutions are available for mobile, wearables, or desktop platforms — and even work offline — user authentication is possible just about everywhere.
Rather than relying on the receipt and entry of a 2FA token, websites and apps can now send the user a push notification that an authentication attempt is taking place. The device owner simply views the details and can approve or deny access with a single touch. It’s passwordless authentication with no codes to enter, and no additional interaction required.
By having a direct and secure connection between the retailer, the 2FA service, and the device, push notification eliminates any opportunity for phishing, man-in-the-middle attacks, or unauthorized access. But it only works with an internet-connected device, one that’s able to install apps. Also, in areas where smartphone penetration is low, or where the internet is unreliable, SMS-based 2FA may be a preferred fall-back. But where it is an option, push notifications provide a more user-friendly, more secure form of security.
Biometric 2FA, authentication that treats the user as the token, is just around the corner. Recent innovations include verifying a person’s identity via fingerprints, retina patterns, and facial recognition. Ambient noise, pulse, typing patterns, and vocal prints are also being explored. It’s only a matter of time before one of these 2FA methods takes off…and for biometric hackers to figure out how to exploit them.
According to a recent report, stolen, reused, and weak passwords remain a leading cause of security breaches. Unfortunately, passwords are still the main (or only) way many companies protect their users. The good news is that cybercrime is in the news so much that 2FA awareness is quickly growing and users are demanding that the companies they do business with have improved security. We agree: “Everybody Should 2FA.” Call us if you have any questions.
Computer Medic On Call is committed to bringing you the highest quality computer service available for all of your information and systems needs. We provide IT support in Broward and West Palm Beach, Florida. Our experience provides us with the skills to offer a range of high quality computer services.
621 N.W. 53rd Street
Suite 125
Boca Raton, FL 33487