2FA: An easy win for security

Next story

Image

Two-Factor Authentication or 2FA is an easy win for security: whether you’re using Google Authenticator or Authy to protect Gmail, Facebook and many other accounts, or a paid version to protect your Windows login or perhaps encryption.


Mark James, ESET IT Security Specialist, explains that 2FA can work on almost any device and only strengths the traditional username and password combination.

“Two-Factor Authentication is a means to protect your private login credentials, the problem with usernames and passwords is that they are easily lost or stolen and in some cases you may not actually be aware they have been compromised.

“By taking something that we know (username and password) and then adding another securing feature like a one-time generated passcode (OTP) you can further protect that login from guesses or brute forced attacks.

“The passcode can be sent by SMS text, email, generated on a smartphone or small device called a hard token whenever you login, usually the code will have a limited lifespan in minutes before it expires and is unique (one time use).

“This code is entered each and every time you login so even if your username and passwords are compromised, without the OTP the login will fail.

“2SV is a similar practice that utilises multiple verification processes to authenticate who they are. The benefits of protecting your login will far outweigh the inconvenience of making the login take longer to complete.

“With so many companies understanding the importance of protecting your data from being compromised it’s certainly something you should have configured for all your financial logins and if possible any social media or cloud data accounts where available.

“Whilst we can’t 100% protect against data loss we can stack the odds in our favour and not the criminal’s.”

Multiple layers of security are always the key to being as secure as humanly possible: if you can add more layers, do it. Can you add 2FA to your account? Great, do it! Can you add some form of biometric authentication as well? Do it!

Going through a few more seconds of login is much less hassle than having to try and recover from a serious data breach.


How many accounts do you use 2FA on?


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.