Wednesday, December 29, 2021

Tip of the Week: Understanding Your 2FA Options

 Regardless of how airtight your organization’s password policies are, relying on passwords as your exclusive security measure just isn’t enough to resist some of today’s threats. This is why we—along with most other industry and security experts—recommend that two-factor authentication (2FA) be put into place. Let’s review some of the options available for your 2FA, and the added security it can introduce, for this week’s tip.


First of all, we should clarify something: any 2FA is better than relying on a password alone. There are three ways for a password to be undermined, after all. It could be stolen, guessed, or cracked through software. Boosting your security with an additional confirmation of your identity gives those who would attack one of your accounts an extra hurdle to clear, which is why you should embrace every opportunity to use it… especially in the professional setting.

What Kinds of 2FA Are There?

There are a few different varieties of 2FA you can choose from.

SMS

Basically, when you try to login into an account, a secondary code is sent to your mobile device for you to provide. Not only is this a convenient and user-friendly option, but it is also accessible thanks to how often people will have their mobile device in the vicinity (if not on their person). While not the most secure option available thanks to phishing attacks, using text-based 2FA is still a safer option than foregoing 2FA altogether.

Apps

Authentication applications function by kicking out a refreshed code every minute or so that must be input into the requested field before the time expires. As a result, the mobile device serves as an extra key that the person accessing a resource needs in order to open it. Again banking on the near-symbiotic relationship many people develop with their mobile devices, the tradeoff here is that the device needs to be powered on and ideally present… so forgetting the phone at home could seriously hinder productivity.

Hardware

You know that key analogy we made with the authentication apps? Modern hardware authentication solutions are the more literal interpretation of this concept. Requiring the user to plug a token or a USB dongle into their hardware or press a button on the device, this method has surged in popularity with phishing and other scams being so commonly used. While these keys have a price, it is comparatively small to what a data breach could result in.

Biometrics

We’ve all seen the spy films, where an authority figure accesses a super-secret lair or lab by having their iris scanned, their handprint analyzed, and other similar tests. Biometric authentication is the practical application of that and is now found on devices as common as a smartphone. While useful, its convenience can be tempered by some solutions being less accurate than others.

The Best Option for You is the One You’ll Use

It’s really as simple as that. While the above options aren’t all as secure as the others, they each are undoubtedly better when the alternative is protecting your precious data with a crackable password.

No comments:

Post a Comment