Let’s say you have a lock and a chain on your door – would you use both for extra protection? Chances are the answer is “yes.” So, why not do the same to protect against cyberattacks?
Two-factor authentication – also known as 2FA – is a multi-factor security process that verifies identity in two ways before allowing access to an account or website, thereby better protecting the account user’s credentials and other resources.
Twice the protection of single-factor authentication (where the user typically provides a password or passcode solely) 2FA also asks for a second identifying factor, such as a fingerprint, facial scan or a security token.
For the uninitiated, a security token is a small hardware device that the owner carries to authorize access to a network service. Often, a security token comes in the form of a smart card or is embedded in a key fob. Security token users have a personal identification number (PIN) authorizing them as the owner of the device. The device then displays a number to allow the user to log in; this number is changed frequently as a protection against identity theft.
Fingerprint, facial and security token are the most common authentication factors, but other methods can also be used, such as a location factor. This is typically denoted by the location where the authentication attempt is being made. A location factor can limit authentication attempts to specific devices in a specific location or by tracking the location source of a login attempt via GPS data derived from the user’s mobile phone or other device.
A time factor is another form of 2FA. This restricts user authentication to a specific time window where logging on is permitted.
So, what are the steps to 2FA?
First, the user is prompted to log into their PC, laptop, etc. by the application or website. Then, the user enters their username and password. The account site then prompts the user to initiate the second login step – the security token, fingerprint, facial detection, location or time factor. Then the user enters a one-time code generated by the second login step. Once the code is authenticated, the user is given access to the application or website.
This may sound a bit complicated but setting up a 2FA is a whole lot easier than handling the aftermath of a cyberattack!
Learn more by emailing us at email@example.com