Two Factor Authentication, also known as 2FA or TFA, is becoming an attractive and more widely available alternative to using just a user name and password combination as your only online security. Here’s why.
Typical security systems rely on some subset of the authentication triad: something you know, something you have, or something you are. Simple security methods rely on having one of the three. This is the problem with simple security – an attacker simply needs to acquire the one bit of information or device, and they are in. Two factor authentication requires that a person possess two of the three, and this makes it harder for an intruder to successfully acquire both.
Passwords or pass phrases fall under the “something you know” category. So does the answer to your “secret question.” Or the combination to a lock or a safe.
A good example of “something you have” would be a house key. On the network, this might be an RSA key, or an access code text messaged to your cell phone.
“Something you are” usually involves some sort of biometrics: a fingerprint, a retinal scan, an iris pattern, or facial recognition.
The problem with using passwords only is that they are easily compromised through direct observation (shoulder-surfing or key logging), through deception (phishing or social engineering), or through automated password cracking. A password with fewer than 10 characters has a hash that cracking software can break in less than a day in many cases. Longer passwords make this less of an issue. The other problem is the human propensity to reuse the same password on multiple sites. If your password is cracked once, it is cracked everywhere.
An example of two factor authentication would be a home that has deadbolt locks (something I have – a key) and a security system (something I know – the security code). Typical network or online 2FA options usually require a password, and a security code provided by a secure token or by text message.
A few online service providers offer 2FA: the social networks Facebook, LinkedIn, and Twitter, and the email service providers Gmail and Outlook.com. If you use these online services, you might want to set up the 2FA features that are available. If you are doing your banking or other finance services online, ask them if they can provide 2FA.
I suppose if the security situation continues in the direction it is going currently, we will be writing about the advantages of three factor authentication!
To read more on this subject, you might want to check out this article on Sophos.