Update on Multifactor Authentication Methods

by | Mar 2, 2018 | Business IT News and Information For Small to Large Companies In Polk County

Multi factor authenticationEach year seems to bring even bigger and more expensive data breaches. It’s become commonplace to hear that your favorite retailer was just breached and millions of records were lost to hackers somewhere on the other side of the world. In spite of our best efforts, cyber crimes are now the number one leading crime worldwide. Every organization is vulnerable on some level.

Stopping Cyber Thieves

Though most companies now employ much stronger cybersecurity than they did 10 years ago, our society is light-years away from being impenetrable. Some industry experts believe we’ll never be able to fully stop all breaches from occurring. The reasons for this vary but the most logical line of thinking is that that technology is evolving at nearly a daily rate. With each new invention, we open another window that cybercriminals can climb through. Every new convenience we gain through technology is another potential vulnerability just waiting to be exploited.

Password Protected

According to a recent survey, about 60 percent of all internet users confess that they use the same passwords across multiple accounts. That means that a hacker only has to discover one password instead of a dozen. It makes the work of cybercriminals much easier. Once they have learned the password to one of your online accounts, they’ll go to work trying it on other accounts.

As a society, we must realize that cybercrime is escalating. Data breaches are becoming the norm. One of our most important defenses is to make it as difficult as possible for criminals to learn our passwords by creating log-ins that are hard to decipher. A 2017 Verizon Report on Data Breaches found that 81 percent of all data breaches occurred because user passwords were weak and easy to decrypt.

This is one area we all need to improve upon and it’s not difficult or expensive. Simply start today by creating passwords that begin with numerals and contain symbols and upper-case letters. Be sure to write the passwords down so you don’t have to memorize them all. Change all passwords on at least a quarterly basis.

Two-Factor Authentication

Another key element is our log-in security. Two-factor authentication (2FA) is one way to keep your data more secure. 2FA requires the consumer to utilize two methods to confirm that they are the rightful account owner. There are three categories of information that can be used in this process:

  • Something you have: Includes a mobile phone, app, or generated code
  • Something you know: A family member’s name, city of birth, pin, or phrase
  • Something you are: Includes fingerprints and facial recognition

Though 2FA does make it harder for the account owner to access the account, it also makes it difficult for cyber thieves to learn your password. Their job becomes much tougher because they now need to do more than just hack your password. They’ll need personal information about the account owner. With so many accounts being too easy to break into, hackers are more likely to just move on instead of trying to break through the multiple factor authentication process.

How to Implement 2FA for Your Business

Many companies now use some form of 2FA to protect their valuable data. In fact, there are apps today that make it much simpler to implement this type of security. Google Authenticator has quickly become a favorite app, along with Duo Mobile and Twilio Authy. Online gaming services have led the way in this type of technology because of their popularity and content.

Blizzard Entertainment, an online gaming service, requires that all users receive a code when first trying to log on to the site. The code is sent to the mobile phone number you have on file. That type of authentication makes it practically impossible for a hacker to steal your password. They would first need to know your mobile phone number and be able to intercept your text messages. As stated above, with so many accounts now so vulnerable, hackers are much more likely to just move to another consumer’s account where there isn’t such a sophisticated level of security.

These codes can also be sent via email instead of text messages, but experts highlight the fact that email accounts are easy to hack. That means thieves can intercept messages.

Time-Based One-Time Passwords

Time-based codes are a very effective method of stopping hackers. With this type of security, a dynamically generated code is sent via email.

A time-based one-time password (TOTP) will not stop the more determined cyber thieves but it is still much stronger than regular passcode methods. You not only need to know the code, but you have a specific window of time to use it before it expires. Though the code can hypothetically be intercepted, it’s a complicated process that hackers might want to avoid.

Other Security Methods

A newer, more complex method of security involves using a Hardware Token. This token is an actual item that the user has with them. Though this is extremely effective, it also has a number of drawbacks and has not been widely used. To date, the 2FA method has been viewed as the most secure while still being convenient for users. It is widely used by financial institutions and developers are working on ways to make this type of security even stronger.

One thing that industry experts warn about is the “set it and forget it” risk. Often, a business will set up the two-factor authentication protocol, but then just assume that everything is well-protected from that point onward. In order to be as secure as possible, all network and internet security require frequent checks to make sure things are still working. Security experts also recommend regular patches and updates to the software. Implement a simple alert system that notifies your IT department of any unauthorized access attempts. These are just a few of the many ways we can all protect our online data.