The Case for Two-Factor Authentication
September 1st, 2020 by admin
We always recommend our client partners setup and maintain 2-factor authentication for their organizations. And the basis of that strong recommendation is simple, and it's the only fool-proof secure way to ensure passwords are not compromised. Two-factor authentication (2FA) lets you protect valuable business assets by making it more difficult for hackers and thieves to gain access. So, what is two-factor authentication, and why does it help? Let's dig in.
Two-Factor Authentication Explained
Whenever an employee uses a username and password to access their computer, email, application, website, or server, they are using single-factor authentication. Once the program or site verifies that the provided credentials match their records, they gain access. Single-factor authentication is commonplace today.
With multi-factor authentication, you enter two or more factors before the application, site, or server, fully authorizes your access. By submitting two different types of credentials (app-generated code, face ID, fingerprint ID, etc.), you can protect your business assets in the case of password theft or the loss of a device.
There are three kinds of factors used in authentication technology:
- Knowledge-Based Factors. These are factors that are known by and usually set by the user. Usernames and passwords are the most common.
- Possession Factors. Key fobs, employee IDs, or one-time pass tokens delivered via email, text, or an app are all examples of possession factors, meaning users need to have this information or device to gain access.
- Inherence Factors. Fingerprints used to access smartphones, retinal and iris scans, facial recognition, and voice recognition are forms of inference factors, based on a biological trait that's unique to the user.
How Does Two-Factor Authentication Work?
With two-factor authentication, you use a combination of knowledge-based, possession, and inference factors to allow users access. It's a brief, extra step that curbs unwanted access dramatically. It's typically impossible to fake a Face ID – right? While it may seem like a nuisance to some users, it's an effective and vital preventative step.
Google noted in a recent report that two-factor authentication prevented 73 - 100% of automated bot attacks. Security keys, a type of hardware that plugs into a USB port, stopped all bulk phishing and targeted attacks. On-device prompts and texted codes were also highly effective.
Microsoft noted in a 2019 study that using multi-factor authentication meant your account was more than 99.9% less likely to be hacked.
The Benefits of Two-factor Authentication
Two-factor authentication makes sense for businesses across all industries. Here are the significant advantages of using this approach:
- Better Security. Adding another level of security makes it far more difficult for hackers who stole or bought passwords and usernames to gain access.
- More Productivity. Mobile workforces need access to data and applications from far-flung locales. Two-factor authentication ensures that employees can safely access required data and tools and remain productive even when out of the office
- Fraud Reduction. Two-factor authentication shows regulators, customers, and stakeholders that your business has the right solutions in place to prevent fraud and protect customer information.
- Lower Help-Desk Costs. With two-factor solutions in place, you can reduce the volume of calls to our help desk, many of which are for password-related issues. Automating these authentication tasks frees up support professionals and gets employees reconnected faster.
Get your organization setup with two-factor authentication today! Request help now.