Cyber security and id theft experts suggest people user two factor or multi-factor authentication, but what is it? It is built into Facebook, LinkedIn and Twitter. Passwords are nice, but a lot of people use weak passwords, and they reuse the same passwords for all of their accounts (e.g. – school, work, banking, shopping, etc.). They also forget them. Passphrases are helpful, but people forget those too. Two factor authentication is a powerful in the world of cyber security.
Password security is strengthened by managers like LastPass and 1Password. These services scramble numbers, letters and symbols into strings of characters. Furthermore, the information is encrypted, so hackers don’t see words or phrases. All of the data are scrambled into unrecognizable databases.
- Something You Know
Two factor authentication takes full advantage of your passwords. When you log in to sites like Facebook, LinkedIn, Microsoft or XYZ Bank, they will ask for your password as they always have. Password managers automatically populate the username and password (as long as you know the master password). Your password will be a random series of numbers, letters and characters. Neither you nor wandering eyes on airplanes or trains will see your password. If you are not using a password manager, you will type in your username and passphrase.
- Something You Have
This is where TFA shines. After your password has been verified, it will ask you for the six-digit code. The website will send this six-digit code to your phone or other mobile device. Users are only allowed access to sites if they know this six-digit code. Data breaches of sites like Yahoo!, Target and Marriott Properties exposed the passwords of millions (in some cases billions) of users. Hackers must have access to your physical device (e.g. – iPhone, iPad, laptop, etc.) to gain access to your information.
Google, Microsoft and LastPass authenticators (downloadable apps) act in the same way. You log into an account and the account asks for a code. This app generates those types of codes. It’s extremely useful for quick sign-ins, They work cross-platform, and it’s faster than email or text codes. You can also use the app for no-password sign-ins for your accounts. The app also features multi-account support, and support for multiple websites and services.
All accounts are susceptible to hacks. We tell clients it’s not if they will get hacked. It’s WHEN. Two Factor authentication limits the likelihood. Password managers, biometrics and software updates should also be employed to protect information and assets. Employ two factor authentication on all of your accounts to protect your people, property and assets.
Scientifically Speaking, of course…