If you haven’t heard of Two-Factor Authentication, it’s about time that you did. Cybercrime is on the rise, and it is only a matter of time before your passwords, banking info, and social media accounts are put in harm’s way.
Believe it or not, it’s a lot easier than most people think for hackers to obtain passwords and usernames, even if they are a slurry of letters, symbols, and numbers. Everybody’s information is at risk in some way, shape, or form.
Did You Know?
90 percent of employee passwords can be cracked in six hours?
We see news bulletins every week about the latest data breach at large corporations everywhere in the world. Surely there must be something to prevent cybercrime like this.
We need to make it a priority to make it as hard as possible for hackers to get a hold of this data.
What Most People Are Doing Wrong
According to a recent survey, about 60 percent of all internet users confess that they use the same passwords across multiple accounts.
This means that the hacker only needs to crack one password to gain access to all the user’s accounts.
The 4th most common password of 2017 was “1234”, and 2 out of 5 people surveyed kept all of their passwords in a word processing document labeled “passwords”. Commonalities like these make it very easy for hackers to break into accounts.
A 2017 Verizon Report on Data Breaches showed that 81 percent of all data breaches were due to weak passwords that were too easy to crack.
The best passwords to use contain both lowercase and uppercase letters, at least one symbol, and numbers. This doesn’t mean that these passwords are un-hackable.
Using a mixture of these components makes them more difficult for hackers to crack.
What is 2-Factor Authentication?
Two-Factor Authentication (TFA) is a feature that requires a secondary passcode that is sent to or retrieved from another device.
Using Two-Factor Authentication puts hackers in a difficult situation.
To successfully break into your account, the hacker will need to obtain your username and password for the login they are trying to access, and somehow gain access to your secondary device to retrieve a second-factor pass-code.
This doesn’t mean that it is impossible to have an account broken into with this feature set up, but it does make it much harder to complete.
This security measure has become available on mainstream websites and programs such as Facebook, Instagram, and most online banking sites.
The availability of this feature has become a new standard for password protection. It is expected to be available on just about all secure web logins in the near future.
Key Generation Devices
Devices that are used to retrieve the second security factor are completely separate from the device attempting to log into an account. A few common devices are cell phones, security key FOBs, and RFID key cards.
Two-Factor Authentication using a Cell Phone:
There are two different retrieval methods when using a cell phone for Two-Factor Authentication.
The first is a simple text message sent to the phone with a passcode.
You probably have gone through this process with something like Facebook or online banking.
The second retrieval method is called Time-Based One-Time Password (TOTP).
This method generates a multi-digit pass-code that changes every 60 seconds or so for each program or web login registered.
To use TOTP, the user will need to download an app like Google Authenticator+ to retrieve this pass-code.
Two-Factor Authentication using a Key FOB:
TOTP can also be used through security key FOBs.
These FOBs are usually distributed to employees of a company, and are typically used to allow access to secure files like CRM and various MIS programs.
Using these devices does make it hard for hackers to gain access to a user’s password, but they are not considered to be the safest method to use.
Everyone loses things sometimes. If this small FOB falls off of an employee’s keychain, or out of their pocket, it could be found by a foe rather than a friend.
Most companies are quick to deactivate a FOB once an employee reports it lost, but replacing the FOB comes at a cost.
Two-Factor Authentication using an RFID Card:
Like key FOBs, RFID Cards are commonly provided by companies to their employees.
These cards contain a small computer chip that is loaded with an intricate code, just like your credit/debit card.
An employee will need to scan or swipe their RFID card through a reader on the computer to retrieve the second-factor pass-code.
Just like a key FOB, this card can be easily lost, and comes at a cost when a replacement is needed.
Sometimes this means not being able to use essential programs until a new card is programmed.
As you can see, these costs come in the form of time, inactive labor hours, and the monetary cost of replacing the card.
Is Switching to Two-Factor Authentication Expensive?
In most cases, switching to Two-Factor Authentication is not expensive at all, especially compared to the costs that could be incurred from a cyber-attack.
The cheapest method to take advantage of is using cell phone applications like Google Authenticator. Applications like this are typically free!
The main expense in switching is putting in a few minutes to set up your phone number and a master password for the application login.
One of the most important things to remember when going through the process of setting up Two-Factor Authentication is not to lose your master password for the application.
Using security key FOBs or RFID key cards comes with the cost of purchasing the devices and the time they take to program. As discussed previously, the downside to using these two methods is that you have to pay fees for lost cards or FOBs.
How Can I Recover My Master Password?
Recovering this password is not possible. Because these application companies are trying to prevent your information from being stolen, I’m sure you can imagine that they don’t give out password resets easily.
You will need to open a new account with the application and choose a new password.
Because of this, it is a good idea to have an offline unencrypted backup as an HTML or text file to reimport into the new account.
Why Should You Switch to Two-Factor Authentication?
Let’s face it, cyber criminals are learning how to break through security encryptions just about as fast as they are coming out. Breaking passwords like “1234”, or your first child’s name and birth year is literally a walk in the park for hackers.
Security questions like “What was your first car?” or “What was your 2nd-grade teacher’s name?” are near useless. Think about it. With the content people post on social media today, these things are not difficult for someone who is not a hacker to find.
Using Two-Factor Authentication will not make your passwords hacker proof, but it will drastically reduce the chance of them getting stolen.
Less experienced hackers lack the skills to break these forms of encryption, and more experienced hackers are less likely to put in the time and effort unless there is a certainty of a high-value return.
This feature is an effective, easy, practically free way to keep your money, data, and online profiles safe. It doesn’t get much better than that.
What Steps Should I Take to Make the Switch?
If your business has an IT department or uses a managed IT Service Provider like Technology Visionaries LLC, the first step would be to contact them. IT professionals will be able to provide the best advice for which method of approach fits your business.
If you are making the switch on your own, we suggest using your cell phone as the device for retrieving second-factor pass-codes. Google Authenticator is one of the most popular and secure free applications, and syncs with just about all programs offering Two-Factor Authentication.
Follow these steps to complete set-up:
1. Download Google Authenticator from the Google Play Store or Apple App Store.
2. Complete profile setup in the application (set a master password and phone number).
3. Log into your programs/web accounts and click into something like “security settings” or “password settings”. You should be able to find these in your profile/account navigation drop-down menu. You should see a tab for “Two-Factor” or “Two-Step Authentication”.
4. Complete Two-Factor set-up in the program or web account. This process will ask you for your phone number and have you scan a QR barcode with your phone camera to register the account with Google Authenticator.
5. Log into Google Authenticator and you should see the account names with the current 8-digit pass-codes to log in to your accounts.