MULTI FACTOR AUTHENTICATION
From the past few years now, multi-factor authentication has become a part of our everyday lives. Some of the examples of this 2-factor authentication include- Your ATM Card + Pin to do any transaction using the ATM Machine if you have a safe deposit box in your bank then, you might need 2 keys to unlock it, to surf online some web pages ask you to enter a randomly generated alpha-numeric code while some web sites use a graphic image in addition to your password. Similarly, while accessing your net banking a/c some banks ask you to click on your security image and also send a unique security code to your no. after you enter your password and customer id. So, if you’ve ever used any one of these services to access you’re a/c then, you are already familiar with the 2-factor authentication. To simplify, it’s more than just one factor – like your password, which by now we all know can be very insecure or easily compromised.
For a better understanding lets understand it with a live example: You all have must see in action or spy movie that in any secure/protected area, the actor and villain scan his/her palm on the scanner, enters the security pin, scans his retina, and sometimes even speaks up his/her name just for voice recognition. This is the example of 4-factor authentication where the person is passing by 4 layers of security to enter into the facility.
Now let’s understand the concept of the working of this system. The back end security system combines the 2 different elements that are what we know i.e. the password or pin and what we have i.e. Our ATM Card, token, Voice, Fingerprint, SmartPhone, etc.). Understanding the criticality of the present time to protect our sensitive information, all the sensitive online accounts or network access accounts will require multi-factor authentication from online banking institutions to other important applications at work used on a day-day basis since this multi-layer authentication is the only solution available right now to block the unwanted or unauthorized access.
Stealing credentials in the form of static generated weak passwords is very easy but a randomly generated security code for 2-factor authentications can make hacking quite impossible with just a password. These tokens are no other than the soft token which is easily received in the form of SMS or over e-mails so that we no need to carry them physically without risk them loosing.
Multi-factor authentication is not only convenient for us to use but also it acts as a 2nd layer of security by making it difficult for the hackers to easily gain access to our private and confidential information such as bank a/c, etc. Therefore, it’s important for us to understand the criticality of the security breach and be ready to accept all the options of security available in front of us from an information security standpoint. Our awareness can lead to us asking the right questions and getting our vendors or service providers to invest in security and in protecting our online identity. An informed public can make better decisions on which we want to partner and do business with.
A free resource to check if an email may be a phishing attack is virustotal.com. If you want to learn more about how to secure your environment, please reach out to us at https://www.aurorait.com/