It’s becoming a regular occurrence to hear that Company X has had a data breach, and countless user accounts were compromised as a result. With so much of our digital lives now existing on someone else’s computer, it’s imperative that secure authentication methods are utilized. The issue is further complicated by the fact that newer technology makes it possible to crack some encrypted passwords in seconds. How do businesses, and people in general, protect their online accounts and identities?
Two-Factor Authentication (TFA) has become the popular answer to this question. Most of the larger service providers, such as Facebook, Google and Microsoft, have embraced TFA and recommend that users adopt the process. We’re also happy to see smaller cloud and app providers recognize the importance of keeping accounts secure and begin to offer the feature as well.
How does TFA work?
As the name would suggest, there are two factors required for authentication to be successful. Those factors are based upon something you know, and something you have. The first factor, something you know, is the password that you use to log in to a site or service. The second factor, something you have, is typically your cell phone, or other portable device that you can take with you. Once you enter your password to log in, you are prompted to enter your TFA code. This code is generated by your cell phone, is typically 6 digits, and changes every 30-60 seconds. Once this code is entered, the login process is complete.
Requiring the additional second factor (the 6-digit code) to authenticate your account, based upon something only you would have and that changes on a regular basis, makes compromising a TFA account exceedingly difficult.
From the service provider’s perspective, enabling TFA is generally as simple as clicking a checkbox, or enabling the option. This usually triggers an email to the user with instructions on how to configure TFA.
Using their mobile device and a TFA application, the user takes a picture of the QR code which was included in the initial email, and the link between the service and the phone application is completed. This initial setup is a one-time process. Going forward, the user will only have to enter their password and the random code to log in.
Enabling TFA only requires a small amount of time to set up, but offers a huge increase in security. You can sleep better at night knowing that even if your account was compromised, without the TFA code, no one can get into your account.
If you’d like assistance determining which of your IT software vendors are supporting TFA account logins, please feel free to reach out to the SIRKit team to get the conversation started, and increase the security of your accounts!