Two-factor authentication (2FA) is a security measure that requires more than one method of verifying a user’s identity before that person can access a secure area of the network. In most cases, the first form of authentication is a username and password. For years, these credentials were deemed sufficient. But as data breaches become the new normal, 2FA is an increasingly standard security protocol.
2FA allows for additional layers of security, such as security questions, a code texted to a phone, or a link sent to a secure email address.
Why use 2FA?
Passwords have been the standard for logging into accounts for over a decade now and seem to be holding up "ok". Adding an extra step to log in sounds like such a pain, so why bother?
One of the primary reasons is the high number of data breaches that have occurred over the last several years. You may not know it yet, but a password you used on a different platform could have been sold on the dark web and now be used against you to breach your system. Imagine if an employee's login info was stolen as a part of the Equifax breach and that employee used the same credentials to log in to your network. If you were not using two-factor authentication, the hacker would now have direct access to your environment.
You may be familiar with security questions, or knowledge-based authentication, that some sites use: "What's your dog's name?" or "What city were you born in?" Most of these sites ask these questions when they detect a login from a new computer or a new location; however, the questions now pose weaknesses of their own. With so much personal information publicly available for those who know where to look, a determined hacker could easily find this information by using social engineering tactics. 2FA requires authentication through a possession, such as a cell phone app or text message, creating the needed security layer against hackers.
How does 2FA work?
Two-factor authentication pairs your first line of defense, such as your username and password, with a second factor of an entirely different kind, such as:
- Something you have
- Something you are
- Somewhere you are
Users would need to supply both of these items to obtain the access they are requesting.
For example, a user enters their username and password to log in. The user is then sent a numeric code as a text message to a phone number they provided when setting up the account (something you have). That code is then entered into the software prompt to gain access as requested. In another example, a password may be paired with a facial recognition request, representing the "something you are" category.
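The text-message flow described above, sketched from the server's side as an added example (not code from this article or any particular product): it starts after the password check has already succeeded and shows the checks that make the numeric code a real second factor, namely a random code, a short lifetime, a cap on wrong guesses and single use. The class name, the five-minute lifetime, the five-guess limit and the phone number are assumptions made for illustration.

```python
import hmac
import secrets
import time

CODE_TTL = 300      # assumed lifetime of a code, in seconds
MAX_ATTEMPTS = 5    # assumed number of guesses allowed per code

class SecondFactor:
    """Issues and checks one-time numeric codes (hypothetical helper)."""

    def __init__(self, send, clock=time.time):
        self._send = send      # delivery callback; an SMS gateway in production
        self._clock = clock
        self._pending = {}     # username -> [code, expires_at, attempts_left]

    def issue(self, username, phone):
        # secrets uses the OS CSPRNG; :06d keeps leading zeros in the code
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[username] = [code, self._clock() + CODE_TTL, MAX_ATTEMPTS]
        self._send(phone, code)

    def verify(self, username, submitted):
        entry = self._pending.get(username)
        if entry is None:
            return False
        code, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[username]     # expired or locked out
            return False
        entry[2] -= 1                       # count the guess before comparing
        if hmac.compare_digest(code.encode(), submitted.encode()):
            del self._pending[username]     # single use: a replay must fail
            return True
        return False

def demo():
    outbox, now = [], [1000.0]              # constructed SMS outbox and clock
    sf = SecondFactor(lambda phone, code: outbox.append(code), lambda: now[0])
    sf.issue("alice", "+15555550100")       # constructed phone number
    code = outbox[-1]
    wrong = f"{(int(code) + 1) % 10**6:06d}"
    results = [sf.verify("alice", wrong),   # wrong guess is rejected
               sf.verify("alice", code),    # correct code is accepted
               sf.verify("alice", code)]    # replaying the same code fails
    sf.issue("alice", "+15555550100")
    now[0] += CODE_TTL + 1                  # let the new code expire
    results.append(sf.verify("alice", outbox[-1]))
    return results
```
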
Setting up two-factor authentication
Most cloud service providers and many app-based services already offer the option to turn on 2FA for all users. Activating it for your organization can be as simple as turning it on within the application and selecting your second mode of verification. Your end users would then be required to provide a mobile phone number, download an authentication app, or enroll in a biometric face scan.
Contact The Purple Guys
Make sure to consult your I.T. provider before turning it on for any applications, and train your users on the mode of verification. Going forward, all of your major applications should require 2FA to protect you and your organization.