As hackers and cybercriminals have become more sophisticated in gaining access to business and personal accounts, passwords need to be longer and more complicated. Passwords such as ‘123456’, which 23 million accounts still use1, leave the doors open to a business’s intellectual property. But, with it only taking 2 seconds to crack a password with 11 characters, are passwords really the key to keeping cybercriminals at bay?
The answer is…to some extent. Accounts that have complicated passwords with 18 digits are said to take nine months to infiltrate. Yes, nine months is a long time, but ultimately a criminal can still get access. So, what is the solution if passwords alone aren’t keeping us safe?
Two-factor authentication (2FA). Introduced by the RSA company as a key fob in 19862, two-factor authentication has become a buzzword in the technology industry. Whilst adoption of the technology has been slow, early adopters of 2FA are chip and pin machines and large financial companies.
So, what is two-factor authentication?
2FA is all about checking credentials. A security process in which users provide two different authentication factors to verify themselves.
2FA provides a higher level of security than authentication methods that depend on single-factor authentication. 2FA users need to verify their identity by using something like a security token or biometric characteristic (face id or fingerprint scan).
Adding that additional layer of identification makes it harder for attackers to gain access to devices and online accounts. Ultimately, cybercriminals knowing a password is no longer enough.
How secure is it?
In reality, nothing is ever 100% secure. Criminals can bypass the systems even if you have 2FA enabled. An example of this is if you want to recover a lost password via email. However, adding 2FA as an extra roadblock is a lot more secure than leaving your business vulnerable.
If you’d like to introduce 2FA into your business or would like to speak to one of our experts about the subject in more detail, please get in touch using the form below.