Factor in More Than Just the Keys to the Castle

Nowadays, a password – no matter how formidable – just isn’t enough to protect the throne. With all the critical information we store online, Two-Factor Authentication adds an important security step to help your devices confirm that the person trying to log in is, well, you.

 

Find Safety in Something You Know, Something You Have, Something You Are

Passwords have become the keys to your kingdom, so you know it’s important to make them strong to prevent unauthorized access to your information. But even a strong password can be broken by a diligent cyberattacker, or the service itself might experience a breach. In either scenario, your password becomes next to useless – unless you have another layer of protection in place.

Two-Factor Authentication (2FA), a subset of Multi-Factor Authentication, requires an additional step to prove your identity. 2FA creates a more secure authentication scheme by combining two of the primary authentication methods:

  • Something you know, typically a password.

  • Something you have, usually a code generated by a smartphone or security token.

  • Something you are, often a fingerprint or other biometric.

A common method is a code generated by a smartphone app. After you enter your password, you’ll be prompted for your 2FA code from the app, which refreshes regularly. Some services send codes via SMS rather than an app, which is less secure but still better than no 2FA at all.

 

Getting Started with 2FA

2FA is a no-brainer for security: it’s simple, quick, and free to set up on most services, including email, cloud services, and social media. As a cybersecurity provider, your first step is using 2FA internally to secure your accounts, particularly any that access your critical company and customer data.

Then, talk to your customers about 2FA and help them set it up on their services. Some services allow you as the administrator to enforce 2FA as a policy, requiring employees to set it up upon login.

Keep in mind you may need to talk customers through setting up and using 2FA, as the nature of the system means that individual employees need to participate themselves. Encourage them to remember that it’s an important part of a strong security posture, and that any small inconvenience is well worth it to protect key accounts.

 

The New Normal

2FA is a standard feature in most business applications, typically found in the account settings or privacy menus: simply toggle 2FA on and follow the prompts. TurnOn2FA is a great resource for you and your customers with instructions for finding and setting up 2FA on many common services.

When vetting new vendors, do your homework to confirm that they support 2FA. If not, it may indicate that they don’t share your security-first mindset, and you might want to consider other vendors. And don’t hesitate to share your feedback with companies who don’t support 2FA – it’s a feature request they should prioritize and the more companies who participate, the better.

 

Stay Safe,

Your Friends @ Defendify