Two factor authentication is a little bit like locking your door and then locking your deadbolt. One lock might be sufficient, but that deadbolt really comes in handy when someone tries to break in. You may already be using a password to protect your sensitive accounts and data, but if you aren’t using 2-step authentication, then you are leaving your information vulnerable and exposed. This extra security step may seem like a hassle, but it is a critical element in a good digital security plan for your personal accounts and for your business.
The news has been flooded with recent news of data getting hacked and personal information being stolen. Anthem Insurance, Target, and other big retailers have have had customers names, email addresses, birthdays, wage information and street addresses stolen. These security breaches have cost millions of dollars and the confidence of customers.
Two-step verification uses a traditional password in tandem with a second step as an additional security measure. The second step can be an additional question or the possession of a physical component, such as a cell phone. When you go to an ATM to make a withdrawal, you must first insert your card and then enter your pin. This is an example of multi-step authentication. If someone wanted to make a withdrawal from your account they must possess both the physical card and your PIN, thus making it harder to access your account.
Securing an account has three levels:
- What you know (password)
- What you have (a phone)
- What you are (fingerprint or retina scans)
As a society, we are currently moving from ‘What you know’ to ‘What you have’ security. For businesses, this level of security is becoming the due diligence expected of decision makers. This means that if there is a breach and two-factor has not been implemented, it puts the organization at a risk of liability for the breach.
According to Google Support, “2-Step Verification adds an extra layer of security to your Google Account, drastically reducing the chances of having the personal information in your account stolen. To break into an account with 2-Step Verification, bad guys would not only have to know your username and password, they’d also have to get a hold of your phone.”
It’s easy for someone to hack your password. It’s even easier to hack into your personal data if, like many of us, you use the same password for a variety of accounts. Even if you are careful with your passwords, everyday online activity can leave you prone to attack. If you use the same password on more than one site, download software from the Internet, or click on links in email messages, you have already participated in “risky” behavior. These online activities are nearly impossible to avoid entirely, so instead of becoming a sort of online hermit, start implementing 2-step authentication and get on with business as usual.
Dozens of the biggest websites already offer 2-step authentication. These digital giants, including Amazon, eBay, LinkedIn, and Twitter, think that 2-step authentication is important enough to offer and encourage it. Even though it might seem like an unnecessary hassle, many experts recommend implementing 2-step verification everywhere you can, especially in the places you spend the most time online or wherever you log personal information. If you are unsure if a service or site supports 2-step authentication, head over to twofactorauth.org to see if it is offered.
In conclusion, you’d better play it better safe than sorry with 2-step authentication. Sure, it might be inconvenient to check your phone for a code or enter an additional security question, but getting your personal or business data stolen is even more of a pain. So, protect yourself and your business with 2-step verification wherever it is available and avoid any nasty surprises.