The Importance of 2FA – 2 Factor Authentication Password Policies
IT INSIGHTS, SECURITY
YOUR DATA MAY BE VULNERABLE TO HACKERS
As a small business owner, you rely on the internet for many facets of what makes you successful. Your corporate data is important to you, and your clients certainly do not want it breached.
To provide a level of security, you may require your employees to submit to background checks, you installed security software to protect your data, and you have educated your staff on the dangers of phishing. Is that enough? Maybe not since you are still open to being hacked through a compromised password. Perhaps you increased your security by including multiple challenge-response questions, but their protection is only minimally effective.
THE PROBLEM WITH PASSWORDS
Passwords were originally intended to provide security in an otherwise unsafe environment. Over the years, however, they have lost much of their protective power thanks to hackers’ increasing perseverance, success, and knowledge. Even though they may be changed frequently and even meet the National Institute of Standards and Technology (NIST) requirements, too many of them are easily compromised.
Designed to combat the ever-growing list of compromised passwords on the dark web, the NIST lists five important steps to take to prevent attacks. They are:
- Set the password minimum length to 8 characters while encouraging even longer ones.
- Only change passwords if there is evidence of them being compromised.
- A compromised password database is available and should be checked daily if possible. Consider automating the process.
- Password hints and knowledge-based security questions can be avoided.
- Failed attempts at authentication should be limited.
Although increased password awareness will strengthen your company’s stand against attacks, it is still not fail-proof.
One solution to this problem is the relatively new requirement of Two-Factor Authentication or 2FA. Sometimes referred to as dual-factor authentication or two-step verification, this process involves providing a password along with a second form of authentication.
With the 2FA, your employees will provide a password just as they always have but will then be required to provide a cell phone number that can receive texts or automated phone calls, or an authenticator app installed on their mobile device such as Google Authenticator or Microsoft Authenticator. Of course, you could also request a fingerprint or facial scan as the second form of identity. You can also add in a time-restriction that limits when users can log into an account or a window of time in which the account will remain open.
There are also hardware tokens that support 2FA if you would rather take your business in that direction. Two popular tokens are YubiKey and the Universal 2nd Factor (U2F) protocol.
LESS THREATENING ATTACKS
Remote internet connection attacks are still the most common type of attack and
Two Factor Authentication makes them less threatening. Even if the password is obtained, it is not sufficient for access and the 2FA makes it unlikely the second authentication factor associated with an account would be identified.
WORKFORCE IT JACKSONVILLE
Your data may be vulnerable to hackers. You need the best cybersecurity and IT support around. Workforce IT of Jacksonville has both the remote and on-site IT services to remove Jacksonville malware and protect you from future attacks. Call Workforce IT today to secure your business’ future 904.638.8406.