We’ve heard about cases in the news, and some of us have personally experienced having our credentials stolen by cyber criminals and used for malicious purposes. It’s become so frequent that people have become numb to it. How many times have you seen someone post on their social media account that they’ve been hacked or that their credentials were stolen?
This blog post will discuss two factor authentication – when you should use it, and what techniques are available to help prevent the theft of credentials and protect against unauthorized access.
Before we discuss types of technology that can be used, let’s determine where we can use two-factor authentication and why it’s needed. Some of the more notable sites that now offer two factor authentication, which requires two forms of identification to login to an account, are Facebook, Dropbox, Twitter, Google, financial institutes, etc. There was a major push to provide two factor authentication to customers after user accounts to these sites were being either phished, or credentials were guessed/ stolen at extremely high rates. Twitter found this out the hard way when the Associated Press’ Twitter account was compromised and attackers falsely reported that there was an attack on the White House, injuring President Obama. This obviously caused widespread panic and impacted the financial markets trading. As a result, Twitter quickly added two-factor authentication to their accounts.
In additional to personal security there are business reasons for using two factor authentication for sensitive accounts. While it might not be practical to use two-factor authentication for every account, you should establish criteria to determine which accounts it’s relevant for. Here are a few examples of where two-factor authentication should be used in business:
Now that we have an idea of where two-factor authentication should be used in your organization, let’s review a few types of authentication methods:
With millions of accounts and data being compromised every single day two-factor authentication is a no-brainer for both personal and business accounts. Make sure your vendor offers this type of authentication before using their services to handle your sensitive data.
Receive notifications of new posts by email.
We don not ask your personal information to access any of our resources.