Alisanne Steele | Rabbit Hole Technology | Thursday, July 26, 2018 |  blog

Target, Twitter, Timehop (the list goes on and on) have had data breaches exposing the personal and financial information of millions of users to bad actors.  However, this personal data is just one part of the puzzle if your accounts are protected by additional layers of security.  Two-Factor Authentication could protect you from exposure after an almost certain data breach, if all your accounts are gated by it.

According to Digicert, “Multi-factor authentication adds an extra layer of protection that could prevent scammers, even if they were able to steal valid user credentials,” from accessing your personal and financial data.

Two-Factor Authentication (a.k.a. Two-Step Authentication), by definition, adds a second authentication step to the login process for any solution or account (on-premises or online) that supports it.

Nearly all banks (Check your bank or other accounts here), investment companies, and other financial institutions that do business online either require or offer Two-Factor Authentication.  It would not be surprising to see it mandated in the future for any accounts accessing private or financial information.

The traditional (single-factor) method of authentication into an online account requires you to verify your identity by proving that you know something that (hopefully) is only known by you. That piece of information is a password or passphrase.

If you can provide the password for an account, the program assumes that it’s really you who’s trying to log in and grants access to the solution.

The problem with passwords is that anyone who manages to either steal or guess one can log in to your account.  Passwords are bits of information that can be easily discovered.

Hackers and scammers are quite good these days at both guessing passwords using brute-force password guessing tools and tricking folks into simply handing them over via phishing scams. That means relying on passwords alone to prove an account owner’s identity is no longer a very secure gateway to your protected data.

Two-Factor Authentication verifies a combination of two of the following things before granting access to your account:

Something you are (Fingerprint, retina, or facial scan)

Something you have (your mobile phone or encryption key)

Something you know (your password)

Proving that you have something (physical possession of your phone or encryption key) is accomplished by the software or website sending a text message, call, temporary code, or other one-time data to your mobile phone or encryption key. That one-time data changes every time you try to access your account, and the solution verifies it before granting access.

If you fail to enter the correct code you’ll be blocked from logging into the account, even if you entered the right password!

Proving that you are something includes the use of a biometric scanner in addition to entering your user name and password.  These “scanners” include fingerprint imaging on cellphones and laptops as well as cameras in these same devices used for facial scans.

Some solutions also use an authenticator app to provide the second factor of authentication for their particular software or solution.  Some of these solutions have their own branded apps, and others use third-party apps like Google Authenticator.

At the end of the day, Two-Factor Authentication can protect your sensitive data because it adds an additional layer of security that is difficult to mimic, increasing the protection that guards your personal, financial, or other protected information.

As always, we are here to get you on the right path!

~Sanne