How secure is the humble password? The answer is not very secure at all.
Computer users have been reliant on the password for decades. Whether in the office, at home, or out and about on a mobile, the humble password is the security method of choice.
In the past this has always been an acceptable method of security. However, security experts will tell you that in the modern world of connected businesses, the password is well known as the weakest link.
First of all, passwords are easy to steal. Either electronically through viruses and malicious software or through social engineering techniques. Users’ passwords can be hacked, guessed and coerced far too simply meaning that sensitive business and personal information is at risk.
One of the biggest problems with password theft is that it very difficult to know when passwords have been compromised. Security logs will show that a successful logon occurred, but proving who is behind the login is nearly impossible.
Which means that it’s more important than ever to find more secure ways to protect your personal and business data, particularly with the sophisticated threats that have surfaced recently.
One of the ways of increasing security is to implement two-factor authentication, which will help to keep your accounts as secure as possible.
Two-factor authentication has been around for a while, and is a practical way to add further security to the User logon sequence.
What happens is that users have to confirm identity twice to log into accounts. This may seem unnecessary but the effort is a far better option than giving hackers/criminals the keys to your digital data.
Authentication to access a computer system falls into 3 main categories:
Two-factor authentication is a combination of any two of the above three ways. The first authentication is usually the username and password. The second factor is a security check that acts as a buffer between a service and login attempt. Whether it’s a secondary device such as a card reader or smartphone, or a fingerprint or retinal scan, the idea is that the owner of the associated device or fingerprint is able to provide additional information required to sign in.
A system will first validate that the account exists, then prompt the User to perform the additional action. If this additional action is performed correctly, access is given to the account. If it isn’t, the user will be locked out of the account.
Whilst two-factor-authentication significantly slow down the signing in process, it is an effective way of preventing those trying to force their way into an account.
No method is 100% secure. And despite the benefits it offers, multi-factor authentication can still be broken by the very determined hacker. However, it does represent a considerable addition to the security of your system and can offer much greater peace of mind than relying solely on passwords.
It should also be remembered that most hackers and criminals seek out easy targets. The more hurdles you can put in their way, the less likely they are to target you.