2FA: what is it and why would you use it?

If you do some research into online security, chances are the term 2FA will pop up. Although the term is unknown to many people, they are likely to encounter the technique on a daily basis, for instance when they use online banking or work on a corporate network. This article explains what 2FA is, how it works and what benefits it provides.

Two time’s a charm

The abbreviation 2FA stands for “two-factor authentication”. 2FA is a security system that asks the user for more than just a single username and password. Using 2FA gives you a second layer of security for verifying the identity of the person trying to get access. Unauthorized people who possess only the first factor (usually the username and password) will not get access to personal data.

A good example of 2FA is found in online banking: in order to carry out a transaction, you need a TAN code (Transaction Authentication Number) that you receive by SMS. In itself this code is useless, but it confirms that the person taking the action is in possession of the mobile phone that is connected to the account. This system makes it very likely that the person initiating the transaction has the correct identity.
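The TAN flow described above, sketched from the server's side as an added example (not code from ZIVVER or any bank). The `TanService` class, the `send_sms` callable, the five-minute validity window and the three-attempt limit are all assumptions made for illustration.

```python
import hmac
import secrets
import time

TAN_TTL_SECONDS = 300   # assumed validity window
MAX_ATTEMPTS = 3        # assumed limit on wrong guesses per TAN


class TanService:
    """Issues one TAN per transaction and accepts it at most once."""

    def __init__(self, send_sms, clock=time.time):
        self._send_sms = send_sms   # hypothetical SMS gateway: (number, text)
        self._clock = clock
        self._pending = {}          # transaction_id -> [tan, expires_at, attempts_left]

    def issue(self, transaction_id, phone_number):
        # Six digits from a CSPRNG; the code means nothing outside this transaction.
        tan = f"{secrets.randbelow(10**6):06d}"
        expires_at = self._clock() + TAN_TTL_SECONDS
        self._pending[transaction_id] = [tan, expires_at, MAX_ATTEMPTS]
        self._send_sms(phone_number, f"TAN for transaction {transaction_id}: {tan}")

    def verify(self, transaction_id, submitted):
        entry = self._pending.get(transaction_id)
        if entry is None:
            return False            # unknown, already used, or locked out
        tan, expires_at, attempts_left = entry
        if self._clock() > expires_at:
            del self._pending[transaction_id]
            return False            # expired TANs are discarded
        ok = hmac.compare_digest(tan.encode(), submitted.encode())
        if ok or attempts_left <= 1:
            del self._pending[transaction_id]   # single use, or out of attempts
        else:
            entry[2] = attempts_left - 1
        return ok


if __name__ == "__main__":
    outbox = []                     # constructed stand-in for the user's phone
    service = TanService(lambda number, text: outbox.append((number, text)))
    service.issue("tx-1", "+31600000000")       # constructed sample number
    received = outbox[-1][1].rsplit(" ", 1)[1]  # what the phone holder reads
    print(service.verify("tx-1", received))     # first use of the TAN
    print(service.verify("tx-1", received))     # replay of the same TAN
```
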

Just a password

Why wouldn’t you rely solely on a password? To many users this seems a simple, swift and safe method. However, as it turns out, it is not easy to create and manage a strong password. Passwords are vulnerable to threats both from within (the colleague who keeps his login details on a post-it on his desk) and from the outside (hackers). Sure, a password can be part of a solid defence system, but a system that uses more than just one factor is many times safer.

Different types of 2FA

Authentication can occur based on different factors. These factors can be divided into three categories:

  1. Something the user knows. For instance a password, PIN or other information that the user has previously shared with the system.
  2. Something the user has. Think of a mobile phone or an access card.
  3. Something the user is. He or she can be recognized based on a fingerprint, their voice or their face.

We use the term 2FA if a system combines factors from two different categories, for instance something the user knows with something the user is. A system that demands three different factors of authentication is also a possibility. Each extra factor ensures more certainty about the identity of the user.

Different types in practice

There are systems that ask for two sets of passwords, for example when you want to log in to an account and subsequently want to open a file. Although we are talking about two different passwords, this is strictly speaking not 2FA but SFA (single-factor authentication), because only one type of factor is being used. People tend to choose this type of authentication in many cases because of the user experience. The biggest disadvantage is that passwords can be shared with other people, so when only the first category is used, other people can still gain access to your account, files or other information that should be protected.

Two-factor authentication asks the user to take one more step, but results in a safer situation. We do not see the ‘real deal’ so often in practice, because many users are not used to taking this extra step. Authentication based on biometrics (what the user is) is only being used by big companies and government institutions. Employees at Schiphol Airport, for instance, need both a password and a successful iris scan to get behind customs. Fingerprints (or, in the case of the new iPhone, facial recognition) used as SFA to unlock devices are being used more and more nowadays.

Small effort, great results

ZIVVER always advises you to use two-factor authentication. If you share sensitive information online, you want to make sure that only the right person receives this information and no one else. Taking one extra step is a small price for the certainty that you are not leaking your data, especially in light of the GDPR, which came into effect last May: under these laws you are obliged to take the right technical measures to prevent a data leak.
