13 November 2020 | SafeAeon Inc.
Do you think a password alone can protect your sensitive information from being attacked by hackers?
Your answer might be ‘Yes, it can’… But how? By encrypting the data, by backing it up, or by using antivirus software and firewalls. But these methods can be quite costly. So what can we do in that case? Have you ever heard of two-factor authentication or multi-factor authentication? You might have, but how many of you are using it? So, let’s first talk about authentication and multi-factor authentication, and why it is necessary to use it.
What is authentication?
Authentication means verifying the identity of the user. A typical example is entering a username and password when you log in to a website. Entering the correct login information lets the site know who you are and that it is you who is accessing the website. Authentication that uses a single layer is known as one-factor authentication.
Is it secure to log in with just a username and password?
According to Verizon’s Data Breach Investigations Report 2017, 81% of data breaches leverage either stolen or weak passwords. Once someone gets access to your account, they can cause you not only financial loss but also loss of reputation. Hence, more sites are taking cybersecurity seriously. Most websites nowadays require you to use numbers, special symbols, or a combination of both in your password. This dramatically increases your security against brute force attacks. But using complicated passwords doesn’t solve the security issue completely. Since most of us use the same passwords everywhere, if one of your accounts gets compromised, it can have massive consequences.
According to a survey conducted by TeleSign, 73% of online accounts are guarded by duplicate/reused passwords, and 54% of people use five or fewer passwords across their entire online life.
One way to solve this password problem is to set a unique password for every account. But practically, it’s not possible to remember so many unique passwords. So, we can use a password manager to save all our passwords in a secure vault. But again, relying on a third-party application to set up unique passwords is not enough on its own, especially for accounts such as email accounts, social media accounts, and websites that contain your financial details.
That’s why more and more companies are getting serious about users’ security. One of the steps to achieve this is using 2-factor authentication. One additional layer of protection can be beneficial for organizations and for us, and it can be a headache for attackers.
Two-factor authentication, or multi-factor authentication, is a security process that adds another layer of protection for verifying the authenticity of the user. It increases the safety of online accounts to a great extent by providing additional security. For example, two-factor authentication asks you to sign in using your username and password, and then enter a code that is sent to your registered mobile number via SMS.
A factor in this context means a way to convince a computer system or online service that you are who you say you are, so the system can determine if you have the right to access the data services that you’re trying to access.
Why use two-factor authentication?
One of the primary reasons is the spread of major data breaches, which have put millions of email address/password pairs up for sale on the dark web. Because most of us reuse passwords across multiple sites and accounts, a hacker can use that data to try logging in to dozens of websites and see which of them grant access.
Many websites use security questions, also called knowledge-based authentication, such as “What’s your mother’s name?” or “What was the city where you were born?” These questions pop up when we try to log in from a different computer. But this is not secure because, with so much personal information available online, a determined hacker could probably figure out the answers to these questions and bypass them using social engineering attacks.
How does two-factor authentication work?
Two-factor authentication pairs your first authentication factor, which is a password in the majority of cases, with a second factor of an entirely different kind, such as:
- OTP (One-time password)
- TOTP (Time-based one-time password)
- Biometrics (Fingerprint, Retina scanner)
Limitations of two-factor authentication
Every coin has two sides, and if something has advantages, it also has disadvantages. Two-factor authentication may be the proper approach, but it is not bulletproof.
- Your phone can run out of battery or can stop working unexpectedly, locking you out of your accounts.
- If your phone is stolen, you can be vulnerable, as anyone else can access the code to impersonate you.
Accounts where we use two-factor authentication:
- Google accounts
- Email accounts (In case you don’t use a Gmail account)
- Bank websites
- Cloud storage accounts (Dropbox, OneDrive)
- Social networks (Facebook, Twitter, LinkedIn, Instagram)
“Keeping aside the limitations, 2FA is the best way to protect sensitive data from hackers to date.”