Two-Factor Authentication: The Basics
Two-factor authentication means that whatever application or service you’re logging in to is double-checking that the request is really coming from you by confirming the login with you through a separate venue.
You’ve probably used 2FA before, even if you weren’t aware of it. If a website has ever sent a numeric code to your phone for you to enter to gain access, for instance, you’ve completed a multi-factor transaction.
2FA is essential to web security because it immediately neutralizes the risks associated with compromised passwords. If a password is hacked, guessed, or even phished, that’s no longer enough to give an intruder access: without approval at the second factor, a password alone is useless.
2FA also does something that’s key to maintaining a strong security posture: it actively involves users in the process of remaining secure, and creates an environment where users are knowledgeable participants in their own digital safety. When a 2FA notification comes to a user, they have to answer the question, “Did I initiate that, or is someone attempting to access my account?” This underlines the importance of security with each transaction. While most other web security methods are passive, and don’t involve end users as collaborators, 2FA creates a partnership between users and administrators.
Different 2FA methods use varying processes, but they all rely on the same underlying workflow.
Typically, a 2FA transaction happens like this:
While the basic processes behind multi-factor authentication are generally the same across providers, there are many ways to implement it, and not all methods are created equal. Let’s dive into the various types of 2FA.
Generally, multi-factor authentication systems rely on at least one of the following approaches.
Authentication apps use internet connectivity to deliver login approval requests, which is more secure than using phone lines. Duo and Google Authenticator are examples of these types of apps.
Because 2FA is a cloud-based service, it’s relatively easy to implement and can be rolled out gradually to your organization. The basic process for getting started goes like this:
AT-NET’s staff is well versed in 2FA, and our services include setting up your company’s 2FA as a standard part of our engagements. In the post-password world, strong web security relies on a dynamic approach built from a variety of tools and policies. It’s important to never rely on any single method for comprehensive protection. That means two things: (1) if you’re currently relying on passwords alone, it’s time to evolve, and using 2FA is a solid first step; and (2) 2FA is an essential security tool, but it becomes even more effective when it’s used as part of a coordinated strategy of security applications and policies.