Two Factor Authentication
Two Factor Authentication or 2FA is a security process in which a user provides two different methods of authentication to access their device, this better protects the users credentials and also the information that they have access to.
Two Factor Authentication adds an additional layer of security to the authentication process as it makes it harder for hackers to gain access to a persons device or online accounts as a password alone if not enough to pass the authentication check.
Types of Two Factor Authentication
There are three types of authentication:
- Something you know: a password, PIN, zip code or answer to a question (mother’s maiden name, name of pet, and so on)
- Something you have: a phone, credit card or fob
- Something you are: a biometric such as a fingerprint, retina, face or voice
Benefits of Two Factor Authentication:
Improved Security as two forms of identification are required.
Increased productivity and flexibility allowing individuals to access data from any location without putting the corporate network at risk.
Reduced and protect against identity fraud and building a secure online relationship with customers.
It is an essential component of cybersecurity.
Provides an early warning that someone is trying to hack your system.
Ultimately your costs should reduce as you should not need to reset your passwords as often.
With 2FA, a potential compromise of just one of these factors won’t unlock the account. So, even if your password is stolen or your phone is lost, the chances of a someone else having your second-factor information is highly unlikely. Looking at it from another angle, if a consumer uses 2FA correctly, websites and apps can be more confident of the user’s identity, and unlock the account.
Common types of 2FA
Hardware Tokens for 2FA
Probably the oldest form of Two Factor Authentication is hardware tokens, these are small devices like a key fob that produce a new numeric code every 30-seconds. When a user tries to access an account, they glance at the device and enter the displayed 2FA code back into the site or app. Other versions of hardware tokens automatically transfer the 2FA code when plugged into a computer’s USB port.
Hardware tokens can be quite costly if they need to be rolled out throughout the business and they are easy to lose or misplace. Most importantly, they are not entirely safe from being hacked.
Text-Message and Voice-based Two Factor Authentication
Text message-based 2FA interacts directly with a user’s mobile phone. Once a user has entered their standard username and password into a website, it then sends the user a unique one-time passcode (OTP) via text message. Like the hardware tokens, the user must then enter the OTP back into the application before they are able to join access. Similarly, voice-based 2FA automatically dials a user and verbally delivers the 2FA code.
This is a great method for a low-risk online activity. If however you have websites that store your personal information — like utility companies, banks, or email accounts — this level of 2FA may not be secure enough. This is especially the case with banks, often banks have a username, two pass codes and a text-based authentication for a secure method of accessing your data.
Software Tokens for 2FA
The most popular form of two-factor authentication (and a preferred alternative to SMS and voice) uses a software-generated time-based, one-time passcode (also called TOTP, or “soft-token”).
First, a user must download and install a free 2FA app on their smartphone or desktop. They can then use the app with any site that supports this type of authentication. At sign-in, the user first enters a username and password, and then, when prompted, they enter the code shown on the app. Like hardware tokens, the soft-token is typically valid for less than a minute. And because the code is generated and displayed on the same device, soft-tokens remove the chance of hacker interception. That’s a big concern with SMS or voice delivery methods.
Best of all, since app-based 2FA solutions are available for mobile, wearables, or desktop platforms — and even work offline — user authentication is possible just about everywhere.
How can we help?
The impact of a cyber attack can be devastating—both financially and in terms of a damaged reputation—and the cost of implementing a Two factor authentication process is relatively small. That makes 2FA a good investment for the future of your business.
We take the time to understand your business and look at the best two factor authentication options that will fit your business requirements. The right solution will help your business improve security, meet compliance requirements, and even improve the productivity of your users, while minimising challenges, such as technical gaps, usability issues, and complexity.
The Next Step…
Still not convinced?
We can help you!
Fill out the form below and one of our IT specialists will contact you.
Force Cancer Charity
C G Fry & Son Ltd
J. Wippell & Co Ltd
Devon & Cornwall Police
Exeter Golf & Country Club
South West Water
Dart Marina Hotel & Spa
The Cavanna Group
Saunton Golf club
St. Pauls Dental Practice Ltd