Do The Two-Step

Written by Matt Lang 

In our first blog, 5 Steps to Online Safety, we briefly discussed two-factor authentication and how it provides an extra layer of protection to your account’s security.  Yet implementing two-factor authentication (2FA) is becoming more important daily for data security. While absolute security is impossible to achieve, it is always in your best interest to make your data as secure as possible.  One of the easiest ways to do this is by implementing 2FA on all of your accounts.

What is Two-Factor Authentication?

2FA is an authentication protocol that has become much more prevalent in the past few years. It is a way to verify a user’s identity by using a combination of two different authentication methods. There are three types of authentication methods: something a user knows, something a user possesses, and something a user is. For example, something a user knows is a password, something they possess would be a keycard or security token, and something they are would be a biometric scan, like a fingerprint or retina scan. The most common 2FA combination used is a password (something known) and a one-time use code linked to the user’s verified device, usually a cell phone (something owned). Along with this, 2FA may include a third lesser factor, like the location of the user or a specific time frame in which the user is allowed to log in.

Why you need it?

2FA gives your accounts an extra layer of security. Without it, all an attacker would need to know is your password. With 2FA enabled, an attacker would be required to obtain both your password and your other form of authentication, which is most likely your phone. There is nothing the attacker can do with only one method. Reports nowadays show 81% of hacking-related breaches are a result of weak/repeated passwords. Even with a weak password, 2FA keeps accounts protected. The only real downside of 2FA is being unable to access your account if you do not have your phone/token with you.

​Is it required?

While only some critical accounts will require 2FA, such as online banking, it is still a good idea to use it whenever possible. 2FA is slowly becoming a standard for all accounts from social media to corporate emails. While not necessarily required, we strongly advise enabling 2FA for all of your accounts that support it. The benefits of 2FA heavily outweigh the negatives. With the sophistication of modern cyber-attacks and social hacking, it is getting increasingly harder to rely on outdated security methods.

2FA is becoming the industry standard in terms of data security as it provides individuals with a simple and easy to use safeguard.  While 2FA is not a requirement by every organization you have an account with, it’s always recommended that you implement it if available.  If you need any assistance implementing 2FA, please do not hesitate to reach out to us, we will be more than happy to help. Enabling 2FA today will make the possible future headaches go away.