Today is “World Password Day”, which is a yearly awareness day created by Intel in 2013 to highlight the importance of using secure passwords. With data being an organization’s most precious commodity, passwords are often the first line of defense against hackers, so it is important that they are as strong and secure as possible.
On World Password Day, organizations are being encouraged to #LayerUp and introduce multi-factor authentication, which is also known as two-factor authentication.
What is Multi-Factor or Two-Factor Authentication?
Multi-factor authentication is a way of confirming the identity of a user to a computer system only after 2 or more types of evidence or factors that they are who they say they are. Usually those factors are via something that only the user will know, something that only the user will have or something that only the user is.
By contrast, two-factor authentication is a subset of multi-factor authentication. Using this method, a user’s identity is confirmed via two varied factors, usually something only the user knows, something the user has or something the user is.
Types of Multi-Factor or Two-Factor Authentication for Organizations
There are several types of multi-factor or two-factor authentication methods available to help organizations become more secure against hackers including:
- USB or Electronic Device Tokens
Employees will carry a USB key or electronic device with them which will generate a code that must be entered every time they log in to their computer system. This will give your organization very strong and high-level protection which also integrates with apps and services such as Dropbox, Google and Facebook, with many more also supporting USB keys and tokens.
- Identification by Fingerprint
Fingerprint scanning is fast becoming a very popular method of deploying multi-factor or two-factor identification, with apps available to manage this available on mainstream smartphones and laptops.
- One-Time Use Codes
A one-time use code can be sent via text message to your smartphone or generated via an app. Although in theory only the user should have access to the phone that the code is sent to, this may not always be the case and so this method is more prone to vulnerabilities.
Why Should Organizations #LayerUp and Adopt Multi-Factor or Two-Factor Authentication?
The #LayerUp campaign on World Password Day aims to raise awareness of the importance of introducing multi-factor or two-factor authentication as a way of combatting cyber crime and deterring hackers. Although it is a relatively easy additional layer of security to implement, many organizations have been slow to introduce it to their computer systems and users.
Recent research undertaken in the UK by Gemalto showed that at least two-thirds of organizations have not adopted multi-factor or two-factor authentication. If multi-factor or two-factor authentication is used within an organization, there is a much lower risk of a hacker attempting to pretend to be an employee to gain access to critical systems. However, accidents do happen and if an employee has a smartphone or other mobile device stolen, having multi-factor or two-factor authentication may buy enough time for their user accounts to be locked down before criminals can gain access.
Another obvious and clear benefit of introducing two-factor authentication is that productivity is likely to be increased as a result. In today’s 24/7 connected world employees are now working on multiple devices outside of the office, so multi-factor or two-factor identification can help to secure devices to allow employees to access company data, documents, apps and systems safely.
Take the #LayerUp Pledge
To raise awareness of password security and of multi-factor and two-factor authentication, take the #LayerUp pledge. Visit the World Password Day website, select your country, take the pledge and show your commitment to creating a safe and secure environment for your organization and employees.
Join the Debate in our LinkedIn Groups
Does your organization use multi-factor or two-factor authentication? Do you think it is a strong enough defense against hackers? Join in the debate in our LinkedIn groups.