Two-factor authentication and why you need it
Posted by Ethan Dodds on 21 Jun 2022
In today’s ever-changing, technology driven world, it’s highly likely you’ve heard the term two-factor authentication (2FA) before. 2FA is essential if you want to operate in the online space in 2022 and make sure your data is protected.
If you feel like you’re way out of your depth with this cyber security method, don’t worry! We’re going to give you a quick rundown on what 2FA is, why it’s important and what 2FA practices we have in place at MOM.
What is 2FA?
Two-factor authentication is a second layer of security that is implemented to keep your accounts safe in the event of your password being hacked or leaked. This second layer of security can come in the form of a 4 or 6 digit code, a biometric verification or a prompt that appears on your personal device (i.e. your phone, tablet or smartwatch).
Why should I use 2FA?
Two-factor authentication is used to make it harder for hackers to gain access to a user’s devices or online accounts. For example, if a hacker figures out the password to your Facebook login but doesn’t have access to your device with your 2FA method on it, they won’t be able to access your account.
What are the different types of 2FA?
There are multiple ways in which a user can be authenticated using more than one authentication method. Currently, most methods use a knowledge factor such as a password for their first layer of authentication and a possession or inherence factor as an additional layer of security.
- A knowledge factor is something that a user knows, which could be a password or a PIN.
- A possession factor is something that the user has, such as a mobile device, an ID card or a security token.
- An inherence factor which is also referred to as a biometric factor is something inherent in the user’s physical self. These commonly come in the form of a fingerprint scan, voice recognition, face scan or eye scan.
What do we use?
Here at Massey Online Management, we have two go-to ways of implementing 2FA. Our first is through the use of google authenticator, an application that generates a different six digit code every thirty seconds which must be entered after the password. The second 2FA practice we use is an authentication token in the form of a physical device known as a YubiKey. The YubiKey is a small USB device that requires the user to physically touch the button on it to generate a one-time password (OTP) which is used to log in.
As always, if you would like to discuss things further with our wonderful team please feel free to contact us.