Have you heard about two-factor authentication (2FA)? Do you know if it already is a part of your life? If you do, what do you think about it? Are you happy about it or do you find it annoying? (And the answers you give might be affected by whether you have been a victim of identity theft.)
What is 2FA?
Personal credentials to access an account can include a personal identification number (PIN), a password, a pattern, an item (security fob, ATM card, smartphone), or a biometric (voice print, finger ID, retinal scan). A typical example of single-factor authentication is entering a username and a password. Two-factor authentication adds a second level of authentication to accessing an account. An example of 2FA is requiring a ZIP code when you use your credit card at the gas station.
So – there is an extra step … that makes me so happy …
The organization in charge of account access implements and controls the security of the access. So some companies, suppliers or vendors mandate it, some make it a configurable option, and others do not have it. And whenever there is an extra step to a process, there will be division as to the value of the step for the account owners. Some willingly do the extra step to protect their account. Others will be annoyed and resent it. (And sometimes they will not be able to log in to their own account because they don’t have, or can’t remember, the credentials.)
Will 2FA really keep my account secure?
2FA is not a guarantee that accounts will not be accessed by those who should not be accessing them. Hackers, especially with criminal intent, are a clever and committed group. But 2FA is one extra layer of protection beyond a simple login. It does make hacking harder.
What is the way hackers get through 2FA?
Every updated approach to account security faces challenges as hackers work to attack the new methods. It’s regrettable, but it is reality. One way that hackers get into accounts is by exploiting the process of account recovery - where a password reset occurs and 2FA is disabled. Another way is getting the credential item (such as the credit card); another is accessing the digital code used in authenticating credentials. Biometric credentials are more secure, but we all have seen the movies that get “creative” about stealing fingerprints. So with these risks, where possible, it is advisable to use 2FA for login access and a separate 2FA for account recovery.
2FA is valuable when it provides increased security along with simple usability
It is likely that as more organizations implement 2FA for account security, it will be implemented in a “less annoying” way and will be expected by the account owners in order to access account information (just as single-factor authentication is today). And those using 2FA now find that they are used to it - and it is not very difficult to integrate into their approach to account access. (Such as those of us that get a verification code text on our phone when we log in to a new device.) And assuredly, as more adoption of 2FA occurs, it will be continuously improved.
"Cyber-security is like a game of chess.. Always trying to predict your opponent's next move." ~ Jason Brundage, Director of COMET Systems Infrastructure
COMET security is a critical component of our services – providing continuous system access while protecting customer data. The most stringent technologies, protocols and practices are used in our product development. We are interested in your thoughts on adding two-factor authentication (2FA) to COMET.