TWO FACTOR AUTHENTICATION: ADDING AN EXTRA LAYER OF SECURITY

 TWO FACTOR AUTHENTICATION: ADDING AN EXTRA LAYER OF SECURITY


I’m pretty sure we all find the process of two-factor authentication a tad bit annoying when we log into our account from a new device. Unfortunately, it is a necessary evil. It is the wall to your digital data keeping it from falling to the wrong hands, adding an extra layer to the protection of your data.


But what is a Two-Factor Authentication anyway?


In the ancient times, people used wax stamps containing their signatures, signet rings, facial features and code words to identify themselves. Mark Stanislav in his book “Two-Factor Authentication has explained it in a wonderful way. An authentication has three ‘factor’ classes. For example, here the signet ring represents what you have, facial feature represents what you are and code words show what you know. Similarly, in modern day technology, a smartphone represents what you have, fingerprint what you are and passwords represents what you know.


Two-factor authentication also called 2FA, is a security process that adds an extra layer of protection beyond your regular password. It's like having two locks on your front door instead of one, making it significantly harder for unauthorized access.

How does it work?


Passwords, despite our best efforts, are still fallible. Hackers can employ various tactics, from brute force attacks to phishing schemes, to compromise them.

2FA operates on the principle of 'something you know' (your password) and 'something you have' (a secondary authentication factor). The combined use of these two elements creates a protective shield for your digital data. Once you enter the password and its verified, the system takes you to another round of verification.

2FA offers various methods to verify your identity:

  • Text message: a unique, time sensitive code  is sent through SMS. The system checks if the code you provide matches the code it generated and sent to your phone. They are also sent through email sometimes.

  • Authentication app: Apps like Google Authenticator or Authy uses a time based one-time code generated by your smartphone that matches the code expected by the service you want.

  • Pin: Sometimes the system asks for a pin other than your password as an extra layer of security.

  • Fingerprint: Some systems authenticate you through fingerprint recognition. But not all devices support that. Some even use facial recognition.


     You just have to select the best tool for the job, depending on your preferences and security needs. Physical security keys, such as YubiKey, provide a highly secure method of 2FA. They require the user to physically plug in the key or tap it to a device for authentication. Some 2FA systems provide backup codes in case you lose your primary authentication device. These codes can be used to regain access to your account.


Behind the scenes


Strong encryption is often used to protect the transmission of authentication codes and ensure that they can't be intercepted or easily deciphered by malicious actors. These protocols help ensure the security of 2FA processes. Many systems maintain a log of 2FA attempts, successful or otherwise. This information can be used for security analysis and monitoring, helping to identify any suspicious or unauthorized access attempts.


Why should we use 2FA? 


2FA is crucial for protecting sensitive personal information and financial data. It's a critical defense against identity theft and financial fraud. It helps protect against phishing attacks. Even if you inadvertently provide your password to a phishing website, the attacker won't be able to access your account without the second factor. By implementing 2FA, you're effectively raising the drawbridge to your digital fortress. Even if a hacker figures out your password, they'd still need the secondary factor, which could be your smartphone, a security token, or biometric data, to breach your defenses and access your data.

           


The digital world is a dangerous place where evil minds lurk at every corner trying to access your personal data. 2FA ensures that you remain the sole keeper of your data. So next time you log in, don’t think of it as an inconvenience, instead think of it as your fortress.

Stay safe, stay secure.



Let's connect


0 Comments