The Importance of Two Factor Authentication
Cybercrime is increasing on a daily basis, and there is no assurance that it is going to end anytime soon. It is therefore important that you do everything within your power to secure your online accounts. Digital accounts have become the main target for hackers because smartphones and laptops have become an integral part of our lives. We do almost everything on them: checking and sending emails, online transactions, phone calls, SMS and instant messaging, and so on. It is difficult to go a day without doing any of these on your device.
Before we talk about the importance of two factor authentication, we have to talk about “Two Factor Authentication” itself.
What is Two Factor Authentication?
Two Factor Authentication, also known as 2FA, is a type of multi-factor authentication that allows you to add a second layer of security to your account. It confirms a user's identity by combining two factors. The first factor is based on something you know, while the second factor is based on either something you have or something you are.
Something you know – password, PIN or pattern.
Something you have – debit or credit card, mobile phone, or security token.
Something you are – biometric authentication (voice-print, fingerprint).
Why Is Two Factor Authentication Important?
- More than one factor: 2FA adds an extra layer of security to your online accounts, making it hard for hackers to access your account.
- Passwords are vulnerable: Passwords alone are not enough to secure your account because about 90% of passwords can be cracked in little or no time.
- Simplicity of passwords: Over 67% of all the passwords people use are very simple, which makes it easy for hackers to predict them and gain access to such accounts.
- Password Testing: Billions of passwords are being tested per second by high-caliber hackers.
Why Password Security Is Vulnerable
The vulnerability of passwords was revealed when the Massachusetts Institute of Technology developed the Compatible Time-Sharing System (CTSS) in the course of giving everyone an equal chance of using the computer. Not long after the students had logged in with their unique passwords, they discovered that they could print out the passwords and extend their time with the computer. In other words, they could hack the system even though it was password secured.
To date, usernames and passwords are still the most commonly used authentication method despite their vulnerability. It is assumed that a password is something only you know, and while using a password is better than not having any form of protection, passwords are not impenetrable for the following reasons:
- Simplicity: Research has found that most passwords are ridiculously simple. Some of them were “password”, “mummy”, and “123456”. They may pass the remembrance test, but they are far too simple and cost a smart hacker nothing to crack.
- Numerous Accounts: Since users can do virtually anything online, they are bound to open numerous accounts across various platforms. The result is too many passwords to remember, which may lead to password recycling. A recycled password is a potent tool in the hands of a smart hacker. A recycled password and username can be used to unlock other lucrative accounts during password testing with familiar shopping sites and e-banks.
- Security Negligence: Due to the stress involved in opening several accounts with a different password for each, many users resort to using simple and weak passwords across their various accounts.
Not all 2FA methods are the same, as there are various types currently in use. While some are stronger and harder to crack than others, they are all better than passwords alone.
Common Forms of 2FA
SMS Based/Voice Based:
This method of authentication involves sending a short code, usually 5-6 digits, via a text message to the user after the username and password have been received. This code must be entered into the site or app to gain access. Similarly, voice-based 2FA delivers the code verbally. For your online business, SMS-based or voice-based 2FA may be just what you need. However, this 2FA method has its shortcomings. Among 2FA methods, it is considered the least secure. You can't use this authentication method if your phone is dead or has bad network service. Hackers can get your 2FA codes if they can trick your network provider into assigning your phone number to a SIM card that is not yours. For this reason and more, many organizations have upgraded their security beyond SMS-based and voice-based authentication.
Push Based:
This authentication method does not require a token like others do. Rather, it sends a prompt to your device saying that a login attempt, probably by you, is taking place. All you need to do is approve or deny the login attempt with a single touch. This method of authentication is more convenient than SMS-based and voice-based 2FA, and it eliminates any chance of phishing. Although push-based authentication is more secure and user-friendly, it only works with internet-enabled phones.
Software Token (TOTP):
This type of 2FA requires you to download an app that generates codes based on a secret key. This authentication method is a preferred alternative to SMS and voice-based authentication because the secret key is stored on your phone itself. The technology behind this 2FA style is called Time-based One Time Password (TOTP), or soft token. It removes the possibility of being hacked since the code is generated and displayed on the very same device.
Hardware Token:
Hardware tokens are the oldest form of 2FA. They are small, like a key fob, and produce a new numerical code every 30 seconds, which makes it difficult for a hacker to gain access. To get into your account, you have to read the code from your device and enter it into the site or app you want to access. Some tokens transfer the 2FA code automatically when plugged into the USB port of the computer.
Other Forms of Two-Factor Authentication
Biometric Two-Factor Verification: This covers fingerprint, facial recognition, retina patterns, pulse, typing patterns and speech recognition, all of which are authentication methods in which the user is treated as the token.