Whether it’s emails, social media, or a bank account, if you’re able to access your account with just a password, your account could be at risk. Adding another layer of security through multi-factor authentication can help prevent your account from being breached.
Password breaches are occurring at an alarming rate, putting personal and business data at risk. Using a second or multiple authentication factor adds another level of security, making it harder for hackers to breach accounts. Multi-factor authentication requires additional information from the user to gain access to the account rather than just the password. The type of authentication used varies depending on the company you have the account with but will usually fit within the following categories:
Through Something the User Knows
Knowledge-based authentication factors include passwords, PINs, or security question answers. These are the most common type of multi-factor authentication, but are also the weakest. Knowledge-based factors can be easy to guess, found through social media, or the same for multiple accounts.
Through Something the User Possesses
Possession-factors usually involve access to a linked email address, phone number, or authentication app. This type of multi-factor authentication is becoming increasingly common when logging into accounts – you may receive a code by text to log into Facebook, or have to use the Microsoft Authentication app to log into your emails. This second layer of authentication is relatively secure, but many of these can be accessed through one device – your phone. If someone has access to your phone’s passcode, you may also find that they would have access to all of these possession-based authentication factors.
Through Something the User Is
Biometric verification such as fingerprint or facial scanning has become more popular since the widespread availability of smartphones that have these functions. These are often used to access apps with secure data such as banking apps. Biometric features are not easily replicated so these types of authentication are very secure. However, as you may have found, if these features do not work, they can be confirmed or overridden by a passcode. This means that anyone that has access to your phone and its passcode could also have access to these accounts.
Through a Location or Time
These authentication methods usually are associated with business accounts and are usually set up by your IT systems provider. Access to your business’s network, emails, or software accounts can be restricted to a set location or working hours to prevent suspicious access. If someone is trying to access your network from a foreign country in the middle of the night, there is a high chance that this could be a malicious system attack. Ensuring that access is restricted to a local area, or set of IPs, within normal working hours can reduce the risk of external access to your business’s IT systems.
To make your account as secure as possible, you should use a combination of these authentication factors to access your account. Although it can take you slightly longer to log in, it can help prevent your company’s accounts from being hacked, and some serious data breaches.
Contact us for advice on making your business’s IT systems more secure.
Share This Post:
About Carrera UK
Carrera UK provide IT support, IT services, and telecoms to small businesses in Portsmouth & Southampton in Hampshire, and across the South of England.
We offer a complete suite of IT and telecoms service solutions for small and medium-sized businesses, including IT support, cyber security, business phones, and leased computers and laptops.
We know how important IT is to your business and we will work hard as your trusted IT and telecom service provider to find the best solutions for you. Our IT support and solutions give you the assurance that your business technology will be robust, reliable, and cost-effective.