Secure Your User Accounts With Two-Factor Authentication
More than once, we have probably wondered whether our online banking session is safe or whether we are being spied on in some way. There is an answer to that concern: two-factor authentication.
We are so used to the username/password pair in computer systems, and it has been around for so long, that it no longer gets the attention it deserves. Cybercriminals therefore focus their efforts on obtaining passwords to critical sites, taking advantage of the fact that we have lowered our guard.
According to various studies, almost 80% of cyber attacks currently focus on the use of insecure passwords. It is estimated that a large part of the passwords circulating on the network could be cracked by an attacker in anywhere from a few seconds to about 2 hours.
We Should Seriously Consider At Least 2 Things:
- Use of strong passwords.
- Use complementary authentication systems.
We have already talked about strong passwords, which are one of the first barriers of defense against cybercriminals, so let's focus here on complementary authentication systems.
Beyond a username and password, the large majority of sites now offer so-called “two-factor authentication”.
Two-Factor Authentication: What Is It? What Does It Consist Of?
We could define it as the security process by which a user must confirm their identity in at least 2 different ways. This secure identification method is based on authenticating a person by several methods that can be used simultaneously:
- Something you know (password, PIN, etc.)
- Something you have (key generator, coordinate card, etc.)
- Something you are (fingerprint, facial recognition, etc.)
As we add layers, we improve security, making it more difficult for an attacker to get hold of sensitive information. We are talking about multi-factor authentication.
What Should We Protect With This System?
In general, any service or tool that has access to sensitive information: email accounts, online banking, social networks, websites or portals of travel agencies or online reservations, files in the cloud, and any other platform we use that holds sensitive information that may be compromised.
How Is It Used?
There are different ways to carry out two-factor authentication. Some of the most common are:
- USB authentication devices, or apps that generate temporary security codes.
- Specific data that only we know, such as the PIN or the answer to a security question.
- Biometric measures, such as the use of fingerprint, facial recognition, voice, etc.
Most email account providers now allow you to activate this option in their settings. In addition, several applications offer a 2-step authentication service, and most of them are free. These applications let you generate codes to access different services.
USB sticks intended for authentication are also useful, since they are devices dedicated to this function and an attacker would also need physical access to them. Various manufacturers sell this type of device for computers, mobile phones, and tablets.
Difference Between Two-Factor Authentication and Two-Step Verification
These 2 systems are often confused because of their similarity, but the big difference is that 2-step verification generally sends a security code via SMS, which can be intercepted. The SMS message does not meet the security requirements of two-factor authentication, as it is neither something the user knows, nor something they have, nor something they are, but something that is sent.
Its use is currently discouraged, since a third party could impersonate the sender and send messages designed to obtain information. In addition, anyone with access to the device can easily see the verification code and access the service.
By contrast, multifactor authentication requires verifying by fingerprint, facial recognition, or other physical means that we are the person authorized to access the service. This does not fully guarantee security, but it makes it more difficult for an attacker to take control. In addition, the codes generated by the app are temporary and short-lived enough to thwart attacks even if a code falls into the attacker's hands.
In The Company
Implementing two-factor authentication on business access accounts and computers is an effective way to prevent attacks on sensitive information that could compromise our customers’ data. It also helps to limit employees' access to business information through the use of company-specific devices, and it raises awareness of good security practices, which will undoubtedly help to reinforce business security.