Two Factor Authentication
What is it?
Also known as two-step verification, dual-factor authentication, or multi-factor authentication, 2FA is a security process in which users provide two different authentication factors to identify/verify themselves before accessing sensitive information on a website or app.
Authentication Factors?
Logging in with a username and password is simply ineffective at keeping information safe. Having a secure authentication process will combine several authentication factors, typically something a user knows with something a user has or is. With each additional authentication factor, there is another layer of security protecting personal information from potential hackers and fraud.
- Knowledge Factor -Something the user knows, such as a password, PIN, or passphrase.
- Possession Factor - Something the user has. This can be a security token, cell phone to receive a code, or ID card to approve authorization requests.
- Biometric Factor - Also known as inherence factor. Something inherent in the user's physical self, such as face ID, fingerprint, or voice ID.
- Location/Time Factor - Logins can be restricted by location or window of time of attempt for added security.
How does it work?
- User is prompted for login
- 1st factor is entered
- User is prompted for 2nd factor
- User must successfully complete both factors before entering site or app.
Methods of 2FA
- One time passcode sent to email or text
- Authenticator apps such as Google Authenticator (Android or iPhone), Microsoft Authenticator (Android or iPhone), or Duo. This method is safer than an email or text passcode since it is not susceptible to email or SIM card attacks.
- Security token (external hardware that is connected to login, creates a unique passcode) This is by far the strongest method, as it does not use credentials that hackers can steal.
Why is 2FA Important?
Passwords alone are not enough to keep scammers from stealing your private information. Password fatigue (the overwhelming feeling of having to remember an excessive number of passwords) is becoming a real problem among users, and it is putting more and more accounts at risk. This is leading people to use weaker passwords, or reuse them across multiple accounts, exponentially increasing the damage that can be done. The simplest solution to this is to turn on 2FA on any accounts that contain sensitive information.
The Bottom Line...
More and more of our vital information is housed digitally, easily accessible at our fingertips. With this ease comes an increased risk of exposure, either unintentionally or at the hands of hackers with malicious intent. The only thing consumers can do is be proactive when it comes to the security and safety of their information. Using tools like two-factor authentication can provide a much needed layer of protection whenever logging in to a website or app.
"Our focus is member services...How can we help you?"
Your savings federally insured to at least $250,000 and backed by the full faith
and credit of the National Credit Union Administration .
