Security Spotlight: Takin’ Care of Business 2FA (Two Factor Authentication)
It was one of those working weekends.
Saturday morning coffee - check
Laptop fired up - check
How about some tunes - check
How about a little BTO this morning as I am - after all – Takin’ Care of Business on this fine Saturday morning.
♬ ♫ “And I'll be taking care of business (every day) …Taking care of business (2FA)” ♫♬
Hey ... what? 2FA? That’s not the lyric Kris!
Ok hang on a second - let me explain.
Randy Bachman wasn’t actually singing ‘2FA’ however, as I am authenticating across my various Social Media, SaaS related apps and connecting through my corporate VPN, I’m reminded that when it comes to Takin’ Care of Business in 2017 - it most certainly MUST include 2FA or Two Factor Authentication
What Is Two-Factor Authentication?
Most passwords are trivial for hackers to crack and that’s why you need two-factor authentication. Two Factor Authentication adds a critical layer of security that keeps the “bad actors” out and ensures your data doesn't get compromised.
Two-factor authentication is a time-based passcode. This is important as it adds layer of security that requires at least two of the following: Something you know, something you have, and who you are.
Traditional password logins cover only the first—Something you know. You know your email address and password, however, it is often easy enough for someone else to guess, crack or be compromised in the event your service provider is hacked.
If a service provider’s database with passwords is hacked or if a personal computer is infected with malware that records keystrokes to steal account credentials, then the complexity and longevity of any password won’t help protect data. But 2FA will.
Think about Yahoo’s recent 3 billion account holder hack. Use of Two-factor authentication adds that second Something you have to all your logins, using an app and a token (your phone) to generate a unique login code. Even better, if your phone is secured with a fingerprint or facial recognition reader, then you are even covering the 3rd factor – or verifying the who you are.
In most common instances, you’ll be asked to add a mobile phone number to your account and add an authenticator app. When you log in to your account, you'll open the app to get a unique code—one that changes based on time —enter that code, and only then will you be allowed to authenticate.
It is always best practice to enable 2FA on all accounts including all your online banking sites, e-commerce sites, SaaS sites. If you’re not using 2FA corporately, I would suggest you have a serious discussion with whoever heads up your Cyber Security program - you get the drill … enable it everywhere!
To hack an account with two-factor authentication, the bad actor needs to know your email address along with your password, as well as steal your token or phone and know how to get the authentication code.
By leveraging 2FA, your account is now exponentially more difficult to break into.
Two-factor authentication gives you that security all the time – every day– and let’s face it given the nature of the recent security breaches, there’s no reason not add that extra layer of security to all your accounts.
We should all ‘Be taking care of business (every day) …Taking care of business 2FA.’
*For those of you that want to learn more about how to enable 2FA for specific services I’d like to share the following link: www.turnon2fa.com