Keeping electronic data safe is more important than ever before.
Whether it’s your personal email account or a critical app for your business, keeping electronic data safe is more important than ever before.
Phishing attacks, data breaches, and ransomware attempts are consistently on the rise, requiring users to remain vigilant about protecting their online information and access to their physical devices.
Multi-factor authentication has emerged as a powerful tool to help restrict account access to its intended user. Rather than simply requiring one password to access a device or service, multi-factor authentication adds an additional layer of account security to verify a user’s identity. It’s become a default setting for banking apps, products from major tech companies like Google, and any account where it’s necessary to have extra security to ensure private information remains safe and secure.
Accessing an account with multi-factor authentication requires a combination of commonly recognized security factors. Typically, that means something you know, such as a password; something you have, like a cell phone or hardware token; or something you are, like your fingerprint or face.
Requiring physical layers of authentication on top of a traditional password creates a level of verification that can be nearly impossible to spoof. Research shows 90% of today’s passwords can be cracked in less than six hours, and considering many users still rely on insecure and incredibly common passwords like “password” or “123456,” additional security methods ensure even the weakest passwords have to be supplemented by additional credentials to gain access to an account.
Today, there are three popular implementations of multi-factor authentication:
SMS authentication.
After a user enters a password, a unique SMS code is sent to their mobile device, and the user must enter that code to access the account. While these codes are often time-restricted and cannot be used more than once, this is considered the least secure version of multi-factor authentication. Apps like Instagram and G Suite offer versions of SMS authentication.
App-based authentication.
Rather than having to wait on an SMS code, app-based authentication places the second security factor within another app. Apps like Google Authenticator and Facebook’s Code Generator create custom QR codes that can be scanned on desktop or mobile devices, making it possible to authenticate access to an app without having access to the internet.
Hardware token authentication.
Hardware token authentication is the most secure method of authentication. It requires a physical piece of hardware to be present when attempting to access an account. This often takes the form of a USB security key like Yubico’s YubiKey, which is inserted into a device’s USB port to carry out the additional layer of authentication.
Many of these authentication methods are carried out using two-factor authentication, which has become a default security option for many popular services like Apple’s Apple ID and Google’s Gmail, For other apps, like Microsoft Office 365, multi-factor authentication is an option that can be enabled at the administrator level.
No matter what app you’re using, it’s a good idea to enable multi-factor authentication whenever possible. It’s especially critical for banking and messaging apps that contain sensitive personal data, for phones that control access to these apps, and for password managers that collect all of your app’s passwords.
Corporate users, who remain ripe targets for phishing, must also enable multi-factor authentication to control access to critical business information. Solutions like Cisco’s Duo adds two-factor authentication to VPN access, making user access to private networks even more secure. And for organizations that grant data access to third-party vendors, multi-factor authentication ensures access can be controlled or restricted whenever necessary.
If you depend on an online account that collects personal, private, or sensitive information, check to see whether multi-factor authentication is enabled. Even though it may require a user to take an extra step or two, the security benefits offered by multi-factor authentication greatly outweigh any minor inconveniences or extra seconds of time spent verifying a user’s true identity.
If you would like assistance protecting your business and data, please contact us.
Register for our IT/Network newsletter today!