Two Factor Authentication

As computer fraudsters and identity thefts continue to become more complex and more dangerous, it’s important that internet security continues to rise. Many people may not understand what two factor authentication is, but it’s an important aspect of your internet security.

Ads

Two Factor Authentication (TFA) works as a second security layer when logging into websites or secured servers. People use it everyday and oftentimes don’t even realize it! A lot of the time two factor authentication comes down to two different aspects of things. These aspects are possession and knowledge.

The Knowledge Factor:

There are multiple forms that knowledge can take. It may be identification, or proof of identification that is required.

Passwords: Knowledge in two factor authentication usually comes in the form or passwords. Passwords come in all shapes and sizes and complexities. There are relatively easy passwords like pin numbers, and then more detailed ones required by a lot of online websites. Passwords are common and required by basically anything at this point. It is a simple way to provide safety. People need to provide their own security on their passwords, and ensure they never leave them in combination with their possession authentication.

Identification Questions: These are often used when there may be some kind of question or discrepancy into a login. Commonly these will appear after a long time logged out or when you are logging into a website from a new ip address. They will ask you for responses to pre-planned questions where you have inputted the answers. The key is to pick questions that fraudsters or other online criminals

The Possession Factor:

The possession aspect of authentication obviously refers to physical possession of something that you have designated as your own, or have been issued.

Cards: Credit cards, client cards and any other card that has chips or stripes or barcodes is intended as your physical possession identification. Usually these are combined with additional proof like passwords, pin numbers or photos.

Authenticator Clients: Authenticators are small logarithm based tools that will produce a specific number that needs to be entered into the online login. The video game provider Blizzard used to deal with a large amount of their accounts being stolen by people accessing usernames/passwords. In response they introduced the option of their players to use an authenticator for their games. Account theft dropped heavily after the introduction and widespread usage of authenticators by their user base.

Cell Phones: Cell phones offer a unique opportunity for possession authentication. Most people out there now have smartphones. As long as they possess their smartphone they can prove their identify. This is accomplished through a few different methods on a cell phone. The first method is through SMS messaging (or text messaging). When authentication is required, a text message will be sent to the cell phone and the User can then enter the information. Alternately authenticator clients can be in app form now. So whenever you need to entire your authenticator information, you simply use the item provided by the app. It’s important that you don’t store passwords or knowledge information on your cell phone if it’s being used as a possession authenticator.

Ads