If there’s one thing that will both have a major impact on your IT security and is also relatively easy to set up, it’s enabling two-factor authentication. What is it and why should you enable two-factor authentication?
What Is Two-Factor Authentication?
You already have two-factor authentication in your life. When you use a credit card, the point-of-sales device needs both the card’s chip and your PIN. The chip and the PIN are both factors; hence the phrase “two-factor authentication”. A decade ago, this wasn’t the case. A POS device just needed to swipe your card and you’d be charged. Credit card companies adopted the chip and PIN system because, while a thief may gain access to your card, it is unlikely that they also know your PIN. The second factor, in this case the PIN, maintains your account’s security even if one factor (your actual card) is compromised.
In the online world, two-factor authentication usually means your account password and your phone number. For example, if you have an email account with Google, you can give Google your phone number and have them text you an authentication code when they detect someone logging into your account. This way, if a hacker has figured out your account information, they still won’t be able to get into your account because they don’t have your phone number.
Why Should You Enable Two-Factor Authentication?
Two-factor authentication is another layer of security that a potential attacker must defeat before they gain access to your account. It’s always a good idea to make it harder for potential attackers to gain access. It’s also relatively easy and painless to set up.
What Are Some Examples of ‘Factors’?
Something you know. You know passwords and answers to security questions.
Something you have. You can have a phone number, an electronic key fob, a USB stick, an ID card, or any other physical thing.
Something you are. Biological factors can include thumbprints, retina scans, face recognition, and more. Smartphones are only just beginning to experiment with these. Expect more of this in the future.
A place or time. Some online accounts or banks will contact you if they detect someone using your information at an unexpected place or two very different places close in time.
Where Should Two-Factor Authentication Be Used?
You should always use two-factor authentication on your primary email account, your bank accounts, your social media, and any account related to online shopping.
But that’s not all. If your business accounts related to cloud storage, customer information, financials, proprietary designs, or more, enable two-factor authentication.
Will Two-Factor Authentication Solve All My IT Security Woes?
No. There are lots of types of cyber attack and two-factor authentication won’t defeat them all. However, your risks of suffering a successful attack are much higher without two-factor authentication. Lots of cybercriminals are similar to a guy testing doors in a parking lot. Chances are, if that guy really wants into a car he can break in. But most of the time he’s looking for someone who has neglected basic security by not locking the door. Don’t be the business that doesn’t lock their door.