2-Factor Authentication (2FA) - Double Protection of Sensitive Data

Passwords generally still present a certain security flaw. Although most people understand that passwords should never be used twice, this is still often implemented for convenience. To double-protect systems or accounts, you can integrate so-called 2-factor authentication (2FA).

With 2-factor authentication, two different components (factors), which are independent of each other, are used for proof of identity and, for example, logging into a system or account.

The Federal Office for Information Security (BSI) has recognized the potential of 2-factor authentication and recommends that companies integrate this type of security into a company's IT.

Why and where does it make sense to use 2-factor authentication?

2-factor authentication is always useful to protect sensitive data or systems. It is used to increase the security when logging in, on the one hand, and to make it more difficult for hackers to access sensitive data on the other.

Two-factor authentication (2FA) is used most frequently when logging into e-mail accounts or a cloud. Furthermore, a 2FA also helps to activate systems or accounts that have not been used for a long time. If you have forgotten a password, for example, the second factor can help you to reactivate your account and set a new password. Tip: Use password managers such as B. KeyPass (free) so that you no longer have to remember long or complicated passwords.

If your company does not yet use 2-factor authentication, IT security experts can implement this for you. With the 2FA you can secure company networks, systems, or even apps.

Which different factors are used?

The factors of a 2-factor authentication are classified into three different types:

·         Feature:  A feature must be unique and unique, such as a person's fingerprint.
·         Knowledge:  This classification contains a certain knowledge that only the user has. These can be answers to predetermined questions, for example. PINs or passwords also belong to this category.
·         Possession:  The user owns an object, such as B. a bank card or a cell phone that he must carry with him for authentication.

The following characteristics can be used as factors in 2FA:

·         pin code
·         password
·         TAN lists
·         Voice and face recognition (for example on smartphones)
·         Detection of the pattern of the iris in the eye
·         fingerprint
·         Smart card
·         Token (software and hardware)
·         Etc.

Passwords are most commonly used as the first factor. The second most frequently used factor is sending a PIN as an SMS to your own cell phone or by email to your own mailbox. The owner then has to enter this PIN online, for example.

The use of face recognition or one's own fingerprint to unlock a system or account is enjoying increasing popularity and is used not only on smartphones but also, for example, on laptops.

Disadvantages of two-factor authentication

·         Of course, 2-factor authentications take more time, as two factors are necessary for unlocking. The convenience is lost here, which is why user acceptance is usually rather low. For this reason, users should be included in the planning of a 2FA at an early stage to increase acceptance.
·         To successfully decrypt the second factor as well, tokens or TAN lists often have to be carried along. These should of course be kept safe and must not fall into the wrong hands.
·         If a factor is lost, an account or system can cost money to lock and reopen.

Benefits of two-factor authentication

·         The great advantage of two-factor authentication is that credentials that have been stolen or decrypted are not sufficient to gain access to an account or a system. To gain ultimate access to the files, the attacker must also have the second factor.
·         With notifications when you log in again on another device, you ensure that only you can gain access to your account. So if someone else decrypts your password, you will, for example, receive an email with such notification and can react quickly and, for, For example, block your account.

All in all, 2-factor authentication may seem like more disadvantages than advantages, but you should keep in mind how you weigh them. If personal data or the entire IT landscape is to be better protected, all possible measures must be taken.

Although a secure long password alone is sometimes not enough to avoid hacker attacks, it still prevents them. Therefore, your password should be as secure as possible. Whole sentences, for example, are very suitable. Do not use the same password multiple times, even for convenience. A password manager will help you so that you do not have to remember these passwords or generate difficult-to-decrypt ones.

 

Would you like to secure your systems or your cloud? Please do not hesitate to install total security software for a trial.