Regardless of how good your organization’s password policies are, relying on passwords as your sole security measure just isn’t enough to resist some of today’s more advanced threats. This is why we—along with most other industry and security experts—recommend that two-factor authentication (2FA) be rolled out organisation wide. Let’s look at some of the options available for 2FA, and the added security it can introduce.
First of all, we should clarify something: any form of two-factor authentication is better than using just a password. There are three main ways for a password to be compromised, after all. It could be stolen, guessed, or cracked through software. Boosting your security with an additional confirmation of your identity gives malicious actors another hurdle to cross in order to access one of your accounts.
WHAT KINDS OF 2FA ARE THERE?
There are a few different varieties of 2FA you can choose from.
Basically, when you try to login to an account, a verification code is sent to your mobile via text message. This is quite possibly both the easiest and most accessible form of 2FA as most people always keep their mobile with them. Unfortunately for these exact reasons SMS is actually the least secure method of 2FA since there’s more and more phishing attacks faking verification codes. Keep in mind this is still better than using just a password.
Authentication applications function by generating a new code every minute or so that must be input into the requested field before the time expires. As a result, the mobile device serves as an extra key that the person accessing a resource needs in order to open it. This method again, banks on the fact that most employees will constantly have their phone on them. It’s also far more secure than an SMS as the verification code within the application cannot be spoofed.
You know that key analogy we made with the authentication apps? Modern hardware authentication solutions are the more literal interpretation of this concept. A hardware key requires a user plug a USB device into their PC and (sometimes) press a button or use biometrics to “turn the key”. This method has surged in popularity with phishing and other scams being so commonly used. While these keys have a price, it is comparatively small to what a data breach could result in.
We’ve all seen the spy films, where an authority figure accesses a super-secret lair or lab by having their iris scanned, their handprint analysed, and other similar tests. Biometric authentication is the ‘real world’ version of this and is available on almost all consumer mobile devices. Unfortunately, some devices aren’t that accurate and can be bypassed with the right tricks which makes this slightly less secure.
Any option is better than using just a password!
It’s really that simple. Although some methods of 2FA are undoubtedly more secure than others, utilising any form of 2FA will greatly increase your security.
If you want to find out more about 2FA and how your business can implement it then give us a call on 02 4326 0655 or send an email to: firstname.lastname@example.org.