Why is Multi Factor Authentication Important?
In the real world, proving your identity is easy and straightforward. When you show up in person to open a bank account, or book a hotel, you present your government-issued ID so that the company you are dealing with, can physically see that you are who you claim to be.
This process gets far more complex in the digital world. Now, these same companies must find a way to verify your identity. Even though you are not physically present, companies must find a way to ensure your digital identity is your real identity.
In a nutshell, your digital identity is the compilation of information about you that exists in digital form – right from your date of birth to your mother’s maiden name. Website security questions have been around since the dawn of web but became ubiquitous after the Federal Financial Institutions Examination Council recommended that banks must improve their security measures for online banking.
However, so-called security questions outlived their usefulness long ago. Now that everyone is willing to share personal details on social media and network, answers to these questions have become easier to find or guess. Your mother’s maiden name is not a secret anymore and yet this question, and similar flawed questions continue to be asked when we forget a password or login from a new device.
Despite the availability of two-factor authentication, this method has persisted on sites that we frequently use and that contain sensitive information and data – Facebook. Amazon, PayPal, banks and airlines. 95% of cybersecurity breaches are due to human error.
Into the Data Breach
Massive online security breaches have become routine demonstrating these questions’ vulnerabilities. Security questions and answers were among the data stolen from 1 billion Yahoo accounts in 2013, and criminals answered questions drawn from credit card report data to access more than 70000 taxpayers’ transcripts at the IRS.
A Clark School Study at the University of Maryland reports an alarming near-constant rate of hacker attacks every 39 seconds. In 2018, Cybersecurity Ventures reported that hackers stole half a million personal records. While some hacks are beyond your prevention, it is a stern reminder that you need to stay one step ahead of the hackers.
Therefore, “financial institutions may take extra measures to determine identity when they spot unusual transactions or attempts to login from unfamiliar devices or networks” says Doug Johnson, senior vice president for payments and cybersecurity at the American Bankers Association.
Fundamentally, our society is more technologically reliant than ever before and this trend will increase exponentially. Personal data that could result in identity theft is now posted on the social media. Sensitive information like social security numbers, credit card information and bank account details are now stored in cloud storage devices like Google Drive, Dropbox, etc.
With the rise in cloud services, smartphones, and the Internet of Things (IoT), we have a myriad of cybersecurity threats. This is prompting businesses around the world to leverage authentication methods that are easy to use and more secure than traditional security questions.
What You Can Do
Given this landscape, we need to take extra steps to protect our data. Your goal should be to make your accounts tougher to compromise. Here’s how to do that:
More Than One Factor
Two factor authentication (2FA) involves two different authentication factors to verify the users. It has a major edge over single-factor authentication in multiple ways. The first layer is always your password while the second layer is something that proves your identity. This second factor comes from a few categories:
The purpose of this method is to make the attackers’ life harder and reduce risks. If you already follow basic password security measures, two factor authentication will make it more difficult for cyber criminals to breach your account. According to a study by cybersecurity firm Symantec, 80% of data breaches could be eliminated by the use of two-factor authentication.
Get Into a Routine
In the post-password world, security questions are premised on a paradox. Our experiences are universal and distinct to each one of us. Yet, it seems like we are all lazy in the same way. The interconnected age is magnificent but comes with its downsides. It requires everyone to stay alert and stick to best practices so that we do not fall prey to the whim of the bad guys.
It is important to never just rely on a single method for comprehensive protection. So, if you’re currently relying on passwords alone, it is time to start using 2FA. 2FA is an essential security tool which works better when used as a part of a coordinated strategy of security applications and policies. However, it may require some extra effort every time you want to login to your account, but not compared to the troubles you may face in case your account is hacked. Strong web security relies on a dynamic approach built from a variety of tools and policies.
Related Articles
Passwords are Dead
The demise of passwords Passwords have been all over the news for all the wrong reasons for sometime now. They are being compromised more easily every day. The death of passwords seems inevitable right now. Bill Gates foresaw its demise back in 2004. ...Enterprise Single Sign-on: Key benefits
What are the Driving Factors for Enterprises to Deploy Single Sign-on Solutions? Single sign-on (SSO) is an authentication service where one set of login credentials is used to gain access to multiple independent but related applications. Using ...Cybersecurity Trends to Lookout for in 2021
Current trends in Cybersecurity: Blockchain, biometrics, GDPR and more In this digital age, all our online activities leave trails. In spite of privacy-related incidents that have affected businesses and individuals alike, very little has gone into ...NIST Guidelines for Enhanced Password Security
Passwords are the first line of defense for enterprises against security breaches. A secure network environment requires its users to use strong passwords. Password policies are present to help the system administrators ensure that users in the ...PCI DSS Compliance Tool for Log Analysis and Reporting
Secure Cardholder Data with PCI DSS Compliance Tool In August 2019, reporters began flocking to Chooseus Life Insurance’s head office in Detroit after news leaked that thousands of the company’s customers had lost money due to a security breach. The ...