It’s no surprise that our lives are becoming increasingly digital by the day. From shopping and consuming media to working and banking, everything is being done via a smartphone, tablet, or laptop.
With so much of our lives taking place digitally, it’s no wonder that our online accounts have become a magnet for crooks.
Cyber attacks against individuals, corporations and even Governments are getting more and more prominent by the day. Data breaches, account hacking, ransomware, cyber extortion, identity fraud, and other types of cybercrimes have been happening daily.
As cybercrimes are increasing, so is the ability to counter these attacks. New security measures and protocols are being introduced regularly by companies to help secure your data online.
One such method of securing your digital account and counter hacking activities is called two-factor authentication, commonly referred to as 2FA.
In this blog post, we are going to discuss everything there’s to know about two-factor authentication: what is it, why it’s important, types, and software solutions to implement two-factor authentication. Read on…
What is Two-factor authentication?
Two-factor authentication, also known as 2FA or two-step verification, is a security method that uses two different authentication factors to verify a user.
Two-factor authentication acts as an extra layer of security to make sure that the person trying to gain access to a digital online account is who they say they are.
A single-factor authentication (SFA) asks a user to provide only one authentication factor, usually a username and password or passcode.
On the other hand, a two-factor authentication system relies on a user providing a username & password, as well as a second factor, typically a security question or a biometric, such as a fingerprint or facial scan.
Since in two-factor authentication, an additional layer of security is added to the authentication process, it is more difficult for attackers to gain access to someone’s online account.
Two-factor authentication has gained significant adoption in recent years and is actively used by software giants like Google, Facebook, Twitter, etc, and also by major online banking systems to protect sensitive user data.
Why Two-Factor Authentication is Important?
There are many reasons why it’s important for individuals as well as organizations to employ two-factor authentication for their online accounts. Here are a few important ones:
#1. Passwords are outdated
Since the inception of computing, passwords have been an integral part of accessing a network. The CTSS (Compatible Time-Sharing System), an operating system introduced at MIT in 1961, was the first computer system to have password login.
Since then, passwords haven’t changed much and are due a much-needed update. While a password should be something you can easily remember but is difficult to guess by someone else, most people don’t follow this protocol.
In fact, a report by security firm 4iQ looked over 1.4 billion stolen passwords and found that the most common passwords that people use are “111111,” “123456,” “123456789,” “qwerty,” and “password.”
Provided that these are very easy to remember, such passwords are also very vulnerable to hacking. Additionally, passwords that comprise your first/last name, pet’s name, birth dates, etc are all prone to hacking.
Even if you have a long string of unrelated characters as your password, it’s still a single piece of information that can be hacked, copied, and leaked, leaving your sensitive data unprotected.
#2. The dangers of password recycling
As internet adoption increases and everything gets digitized, people have to create a new account for every new service they signup for.
Hence, the more accounts someone creates, the more passwords they have to remember. To make this process easy, people often recycle their passwords on multiple sites.
Take a look at these shocking stats:
- The average person reuses each password as many as 14 times.
- A survey by Security.org found that 76% of millennials recycle their passwords.
- A Google survey found that at least 65% of people reuse passwords across multiple, if not all, sites.
- According to Microsoft 44 million accounts were vulnerable to account takeover due to compromised or stolen passwords.
- 72% of individuals reuse passwords in their personal life while nearly half (49%) of employees simply change or add a digit or character to their password when updating their company password every 90 days.
- 73% of users duplicate their passwords in both their personal and work accounts.
- Another survey found that 72% of people feel well informed on password best practices, but 64 percent of those also prefer a password that’s easy to remember and admitted they always prefer convenience over security.
Reusing the same password is dangerous as hackers can easily hack into multiple accounts of the same person. In fact, according to the Verizon Data Breach Investigations Report, compromised passwords are responsible for 81% of hacking-related breaches.
#3. Cybercrime is on the rise
Cybercrime, or the crime committed using a computer, is a frightening threat that the average internet surfer rarely acknowledges. In fact, 95% of cybersecurity breaches are caused by human error.
Take a look at these stats:
- Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes. (CNBC)
- 23 percent of Americans have either had their credit card or financial information stolen by hackers, or they know someone
- Data breaches exposed 36 billion records in the first half of 2020. (RiskBased)
- An estimated 300 billion passwords are used by humans and machines worldwide. (Cybersecurity Media)
- Hacker attacks occur once every 39 seconds.
- A Twitter breach last year targeted 130 accounts, including those of past presidents and Elon Musk, which resulted in attackers duping $121,000 in Bitcoin. (CNBC)
- 147.9 million consumers were affected by the Equifax Breach in 2017. (Equifax)
- 500 million consumers, dating back to 2014, had their information compromised in the Marriott-Starwood data breach made public in 2018. (CSO Online)
As you can see from the above-mentioned stats, cybercrime is a huge problem and continues to disrupt internet security day-in and day-out.
While two-factor authentication is not your end-all solution for cybercrimes, it sure does add an extra layer of security to your accounts and devices, making them twice as secure as before.
Different Types of Two-Factor Authentication Factors
There are many different ways in which two-factor authentication can be implemented to secure your account- a knowledge factor, a possession factor, an inherence factor, a time factor, and a location factor.
Factors are nothing but pieces of information a user has to provide (along with their username password) to prove their identity and access their account.
Let us explore briefly each category of authentication factors:
#1. Knowledge factor
One of the most common forms of authentication is via a knowledge factor. In this form of authentication, the user has to provide the answer to a secret only he/she would know.
That secret could be a PIN (personal identification number), a password, or an answer to questions like your dog’s name, your mother’s middle name, your favorite ice-cream, and so on.
However, knowledge factors are often considered to be a mediocre form of authentication as many people have easy-to-guess answers as their knowledge factor.
Questions such as “What’s your pet’s name?” are poor examples of a knowledge factor as they may be known to a broad group of people or can easily be found on the Internet (example, Facebook).
#2. Possession factor
A possession factor confirms user identity by asking for proof of the information that only the user should possess. Think of the possession factor like a key to a lock.
Security tokens are commonly used possession factor of authentication and so are mobile phones. These tokens generate a rotating passcode that users must physically carry on their person.
This method of authentication is currently one of the most popular amongst organizations in the form of SMS codes or OTPs (one-time passwords) sent to a mobile device.
#3. Inherent factor
Factors that are associated with the user’s physical presence are called inherent factors. These typically include biometric methods such as face, fingerprint, voice, or iris recognition . Many banking apps now have facial recognition features to allow access to their apps, making them very hard to hack.
#4. Time factor
Such factors authenticate a user login based on time. Certain apps and websites have a pre-set time boundary within which a user can access that account. If the user takes more than the allowed time, the access is denied. The user has to try back again or verify their identity using other methods of authentication.
#5. Location factor
Suc factors authenticate a user’s identity based on their location. If the user attempts to log in to an app or website from a predefined location, the login is allowed, otherwise, it is prohibited.
An example of this is Gmail. Whenever you try to login into your Gmail account via a different location or device, Gmail sends you an email to your mobile confirming whether or not the person trying to access the account is you. It also might send a security code to your phone asking you to authenticate.
Two-factor authentication is a must-have in today’s technologically driven world.
While adding an extra layer of security to your digital devices and accounts, 2FA protects them from malicious activities and costly data breaches.
We hope that you learned a lot from our comprehensive guide on two-factor authentication and are eager to implement it wherever possible.
Have questions? Don’t hesitate to reach out to us on Twitter @elink.io. Good luck!