Did you know that?
- 90% of passwords can be cracked in less than six hours.
- Two-thirds of people use the same password everywhere
- 57% of people who have already been scammed in phishing attacks still haven’t changed their passwords.
(Source: The Business Journals)
Therefore, relying on strong passwords is not enough and Two-Factor Authentication (2FA), as the name suggests, adds another level of authentication to the login process.
It's not only in your best interests to put that additional step in place but also one of the most effective ways to reduce the risk of your employee’s falling victim to an account takeover, potentially exposing your organization’s sensitive assets and accounts.How Two-Factor Authentication (2FA) works and why is it more secure?
2-Factor Authentication is a combination of at least two of the following:
(i) something you know (i.e., a password) and
(ii) something that you have (i.e., mobile phone, or physical security key) or
(iii) something that you are (i.e., Fingerprint, FaceID, RetinaID)
If a hacker only needs your username and password, they can hack your account from anywhere. But to break into an account that uses 2-factor authentication the hacker would need the physical second-factor authenticator. For this reason, it significantly improves security.
Different types of Two-Factor Authentication (2FA)
Let’s briefly review the main different types of 2-factor authentication:
- SMS 2FA
- 2FA Authenticator App
SMS 2-Factor Authentication
While SMS 2FA, the method of sending your one-time password via text message, was thought to be good. But it is no longer recommended due to SIM swap fraud. Sometimes hackers don’t even need your username/password. They just hack your SIM and phish you to a fake website where you enter your credentials, and they steal them that way automatically entering them into the real site.
2FA Authenticator App
Authenticator apps can be installed on any device and don't rely on a mobile signal. Security experts prefer them because they aren't vulnerable to SIM-swapping attacks. You can install the app on more than one device (though you need to set up each website on each device separately) and so don't necessarily rely on your mobile phone.
Conclusion
EPX have used Two-Factor Authentication across our organisation, providing our staff a frictionless login experience, while reducing administrative burden and overall security risks for our organisation and securely protecting our clients’ data.
Feel free to get in touch with EPX to learn more about how your small business can stay protected with effective cyber security advice.
Contact
Please call EPX on 0178 5878 311 or email us at info@epx.co.uk for more information.JTNDZGl2JTIwaWQlM0QlMjJzbGlkZUJ1dHRvbiUyMiUyMGNsYXNzJTNEJTIyc2lkZS1idXR0b24lMjIlM0VHZXQlMjBJbiUyMFRvdWNoJTNDJTJGZGl2JTNF
