Two factor authentication (2FA) is a new standard in cyber security protection. In terms of cyber security, it’s not exactly a new feature, but nor is it an extreme measure just for top secret databases. You should have noticed by now that many of your accounts have implemented two factor authentication into their login process.
We’ve moved so much of our businesses online now, that cyber security is more important than ever. And the gateway to all that precious data is our accounts. Facebook account, email account, and bank accounts all pose an avenue of access to opportunistic hackers, and cyber attacks are exceedingly common now, more than ever in fact.
The good news is that two factor authentication is a simple security measure that can be added to provide an additional layer of security and does an excellent job of preventing successful phishing attempts amongst other types of attack.
So… What is Two Factor Authentication?
Two factor authentication is an additional security measure that comes into action when trying to access an online account. This ensures that the correct person is trying to log in. Normally, you enter your username and password. However, since now it’s more likely for a stranger to possibly have access to both of these, two factor authentication requires an additional piece of information in order to access the account.
This “second factor” could be one of a few things. A randomly generated one time passcode (OTP) sent direct to your phone, a biometric measure like a fingerprint scan, or maybe secret questions only you know. Consequently, you reduce the chance of someone compromising your account, even if that someone knows your username and password. Without the ‘second factor’, the account information gets you nowhere.
Why Is Two Factor Authentication Necessary?
The facts speak for themselves really. Username/password combinations have not been secure enough for years. They are the most common form of authentication, and in most cases, far too easily compromised. Why is this? Above all, we are kind of lazy and have terrible memories. It’s hard to remember complex passwords, and easy to use significant names or dates. And then we almost certainly re-use those passwords across multiple accounts.
Without 2FA, you’re practically inviting someone to come in and compromise your network. During such attacks, hackers will attempt to steal legitimate or administrative credentials in order to conduct further activity without raising suspicion. If you have two factor authentication implemented within your network, the stolen credentials will not go far at all. They would still need to provide the ‘second factor’ — aka prove that it is the correct user attempting access.
Who Is Using Two Factor Authentication?
Whatever your reasons, you may be wondering if certain platforms utilise 2FA. Perhaps it’s for your own peace of mind as a user, or perhaps you’re wondering if your competitors are up to scratch. Whatever the case, there is a tool for just this purpose.
Using Two Factor Auth, you can check if Telstra is using two factor authentication (spoiler: they’re not), and see that the sometimes infuriating myGov actually is — which you would know anyway if you’ve ever attempted to log on!