Over the last few days, I’ve gotten a number of e-mails asking if two-factor authentication is truly more secure than just using a strong password. The answer is yes. Here’s why. When you use two or more factors of authentication, the user is required to present any of the following to access the resource in question:
- Something only the user knows. For example, a password.
- Something only the user has. For example, a phone.
- Something only the user is. For example, a fingerprint.
Because multiple factors are involved, it is far less likely for a cyber-criminal for example to break into an online resource that uses two or more factors of authentication. For example, Apple’s two-factor authentication system requires you to enter your password and then enter a PIN number that is sent to a trusted device such as an iPhone that is under your control and you can choose which one the PIN goes to if you have multiple devices. Thus in this scenario, a cyber-criminal would have to not only know your password, but they would also have to have physical access to your iPhone to get access to Apple resources that use this authentication system. That effectively stops brute force and social engineering attacks like the ones that led to those nude pics of celebrities being leaked.
The other question is should you use it. The answer is YES! And I am not only talking about using it for Apple products. Google, Dropbox, Microsoft. PayPal, Facebook, Yahoo, and Linked In off the top of my head have two-factor authentication systems. Hopefully, more companies adopt systems like these. Now I do understand that setting and using two-factor authentication systems can be daunting for some users. But I would strongly suggest that you turn them on and use them to secure your digital life. The simple reason is that this past week has proved that having a password, even a strong one, isn’t good enough anymore.
Like this:
Like Loading...
Related
This entry was posted on September 5, 2014 at 12:36 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hey IT Nerd: Is Two-Factor Authentication Truly More Secure & Should I Use It?
Over the last few days, I’ve gotten a number of e-mails asking if two-factor authentication is truly more secure than just using a strong password. The answer is yes. Here’s why. When you use two or more factors of authentication, the user is required to present any of the following to access the resource in question:
Because multiple factors are involved, it is far less likely for a cyber-criminal for example to break into an online resource that uses two or more factors of authentication. For example, Apple’s two-factor authentication system requires you to enter your password and then enter a PIN number that is sent to a trusted device such as an iPhone that is under your control and you can choose which one the PIN goes to if you have multiple devices. Thus in this scenario, a cyber-criminal would have to not only know your password, but they would also have to have physical access to your iPhone to get access to Apple resources that use this authentication system. That effectively stops brute force and social engineering attacks like the ones that led to those nude pics of celebrities being leaked.
The other question is should you use it. The answer is YES! And I am not only talking about using it for Apple products. Google, Dropbox, Microsoft. PayPal, Facebook, Yahoo, and Linked In off the top of my head have two-factor authentication systems. Hopefully, more companies adopt systems like these. Now I do understand that setting and using two-factor authentication systems can be daunting for some users. But I would strongly suggest that you turn them on and use them to secure your digital life. The simple reason is that this past week has proved that having a password, even a strong one, isn’t good enough anymore.
Share this:
Like this:
Related
This entry was posted on September 5, 2014 at 12:36 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.