entering a password on a computer

An introduction to 2 Factor Authentication

Ensuring that passwords are strong and secure has always been a hot topic in the world of information security. All Alliantist products, including pam and ISMS.online, use a system called 2 Factor Authentication to protect our customers and our business from potential hackers

What is 2 Factor Authentication?

The burning question! 2 Factor Authentication goes by many names. Sometimes TFA, 2FA, multi-factor and 2 Step Authentication, which are all variations on the same thing.

So what is it? Well, 2FA is essentially an additional layer of security that wraps around passwords, usernames, logins and online security. In a nutshell, it ensures confidentiality by making sure you are who you say you are when you log into an online account.

2FA works by requiring the user to enter more details than a simple username and password. These details come in the form of an additional piece of information that only that user will have. This is often a physical hardware token, like a fob or card reader you might receive from your bank, or SMS messages and email codes. More recently though, we have seen digital versions of 2 step verification, like the Google Authenticator, which generates a unique key via an app.

Authentication can be obtained using any two of the following ways.

  1. Something you know – this can be a password that you set up, a PIN for your credit card or the answer to a secret question.
  2. Something you own – a mobile phone, laptop or computer.
  3. Something you are – a fingerprint, retina match or other biometric signals.

 

Promotional video from Google, explaining 2 step verification

What are the benefits of using two-factor authentication?

The value of your information can’t always be assessed. On a personal level, it might be family photos that if lost, could never be replaced. You will most certainly hold information that leads straight to your bank account, where the value could be easier to ascertain. If your customer’s data is accessed, this breach could lead to fines and loss of consumer and industry trust. Either way, you don’t want this information to fall into the wrong hands.

Two-factor authentication offers an additional layer of security, in a world where passwords are constantly being attacked by hackers and keyloggers. So why wouldn’t you use it?

Can 2-factor authentication be hacked?

This remarkable security blanket sounds like the answer to our dreams. But is there a way for hackers to circumnavigate 2FA and access your information anyway? The answer is, of course they could.

Hackers will normally access systems using weak points of things like email accounts, or with the use of social engineering, and text messages and email codes are among the easiest to get around because of this. Using an external resource like Google Authenticator helps to prevent this.

Here at Alliantist, for our pam and ISMS.online software service products, we don’t charge any extra for this added service because we consider 2FA to be essential to improved login and online security.

ISMS.online now supports ISO 42001 - the world's first AI Management System. Click to find out more