2 Factor Authentication (2FA)

Posted on by

2FA is a critical step in increasing your security posture both individually and as an organization. Our rule of thumb is to add this feature to every account it is available on. Having two or more authentication steps makes it harder for attackers to breach an account. Most apps, devices and services have the option to enable 2-factor authentication, and it’s always best to use it.

There are three different types of authentication:

  1. Something you know: credentials only a user should know (i.e. username, password)
  2. Something you have: credential/code retrieved from a physical possession, usually a hardware device (i.e. security token, software token, or mobile phone used). Text messages remain the least secure of these methods, because they can easily be intercepted. However, even weak 2FA is better than 1FA.
  3. Something you are: a user’s identifiable biometric characteristic (i.e. fingerprint, voice, iris scan)

2FA means that the account you are logging into requires 2 of the 3 forms of authentication. Multi-Factor Authentication (MFA) requires at least 2, sometimes all 3 forms of authentication.

Many mobile device users are beginning to recognize the value of biometrics in their security, but unfortunately, some are using it as the ONLY form of authentication. Don’t fall into that trap. Instead, include the added step of a password AND fingerprint on your mobile device. That way you know your personal or organizational information is safe.

Business owners, we know those hardware security tokens are expensive. If you are looking for an authentication app we recommend Duo. Duo Mobile works with Apple iOS, Google Android, Palm, Windows Phone 7, Windows Mobile 8.1 and 10, and J2ME/Symbian. Duo can generate time-based one-time (TOTP) passcodes that users can type into their login prompt to complete the 2FA process AND within Duo there is a feature called Duo Push that allows a user to press accept or deny on a login push notification. This speeds up the login process and takes a bit of the inconvenience away.

Yes Tech is ready to help your organization get up to speed with modern authentication methods for your devices and apps.