You may or may not have heard of Two-Factor Authentication (2FA). If you have, you can find out a bit more about what it is and how it works here. If you haven’t, read on!
Years ago, whenever you needed to log into most online platforms, all you really needed was your username and password. Then bingo, you were good to go. However, in today’s day and age, hackers have become a lot better at getting hold of this information, meaning there has been a need to add extra layers of security to online accounts.
In this article, we’ll cover how 2FA works and look at some popular varieties.
How it works, a basic overview
2FA adds one more step of identifying yourself before you can log in to an online account. (That’s one additional step on top of the standard username & password.)
The steps then become…
Step 1 – The typical login page which requires your username and password.
Step 2 (the extra method of authentication) – this could be anything from an SMS message to a trusted phone with a passcode or using an authenticator app like Microsoft’s. We cover the different types below.
2FA works well because even if a hacker gains access to your login credentials, they would still need the extra piece of information to complete the login process. That extra piece of information is often very difficult for hackers to get hold of.
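As an added example (not code from this article), here is the two-step login described above sketched in Python, assuming the second step is a time-based one-time code of the kind authenticator apps generate (RFC 6238). The account, password and function names are constructed for illustration.

```python
import base64, hashlib, hmac, struct

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 code for Unix time `at` (HMAC-SHA1, 30-second steps)."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", at // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

# Constructed sample account; the secret is the RFC 6238 test key.
SECRET = base64.b32encode(b"12345678901234567890").decode()
SALT = b"constructed-salt"
USERS = {"alice": {"pw": hash_password("correct horse", SALT), "secret": SECRET}}

def login(username, password, code, now, window=1):
    user = USERS.get(username)
    # Step 1: username and password.
    if user is None or not hmac.compare_digest(
            hash_password(password, SALT), user["pw"]):
        return "denied: bad credentials"
    # Step 2: the code from the user's device, allowing one step of clock drift.
    for drift in range(-window, window + 1):
        expected = totp(user["secret"], now + drift * 30)
        if hmac.compare_digest(expected.encode(), code.encode()):
            return "ok"
    return "denied: second factor failed"

if __name__ == "__main__":
    now = 59
    print(login("alice", "correct horse", totp(SECRET, now), now))  # account owner
    print(login("alice", "correct horse", "000000", now))  # password alone
```

A production login would also rate-limit attempts and refuse a code that has already been used.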
The different types of 2FA
Now that we’ve introduced the basic concept of what 2FA is, and why it’s useful, we’ll look at some variations of 2FA that can be used for added security.
Possession factors are things that you can use to authenticate yourself that you would have in your possession, for example an SMS message to your mobile phone. Possession factors can also include ID cards, smartphone apps or even security keys (like ones you may use to access online banking).
Knowledge factor authentication, as you can imagine, requires the user to demonstrate in-depth knowledge of the account before being able to log in. This is usually information that you remember or is significant to you personally. For example, a fact or answer to a memorable question such as “your first pet’s name”.
Biometric factors have been implemented more and more in recent times. They include fingerprint reading (mostly on smartphones) as well as voice and face recognition. They are very strong as they require something that is biologically unique to you and physically attached to your body!
Location factors are less commonly used. They involve providing or restricting access depending on your geographical location.
A good example of this is Netflix. You’ll be able to watch specific shows based on which country you’re situated in. If you are in the UK, for instance, you would not be able to watch the US version of Netflix and vice versa. However, in this particular case, it is somewhat easy to get around with the arrival of VPNs (Virtual Private Networks) – but that’s an article for another time!
Lastly, we have time factors, which are very straightforward. The authenticator in this case would limit access to the platform depending on the time. So if a platform is set to be accessible from 9am to 5pm every day, you would only be able to log in between those hours; anything either side would be denied.
How 2FA can be applied to your website
If you’re running a business or have a website that grants users login permissions and access, it is probably worthwhile investigating whether you would benefit from having 2FA.
Of course, this comes down mostly to the importance of that information and the sensitivity of the data held. If you process financial or medical data, for example, it would not only be highly recommended, but required. If, on the other hand, your content is not sensitive, 2FA may not be essential.
If you want to know more or find out how you can apply this to your website, contact us today to see how we can help.