CEBU

Ng: Two-factor authentication

I’M sure many of us have heard the horror stories of emails being hacked, identities being stolen, and digital information being exploited.

As we are pushing ourselves toward the digital age, all our data is being plastered all over the internet. From our social media accounts to our governments’ stored citizen data, this hub of information makes for a very tempting prize to any motivated hacker.

For an average user, the best way to protect one’s data is to use two-factor authentication. Also known as 2FA, this method provides an added security measure.

Passwords are often thought to be the easiest security layer to be hacked since brute force computing or even phishing can grant access to any knowledgeable hacker.

2FA relies on combining two methods of authentication, in addition to your password, most commonly involving the use of PIN codes, a piece of hardware, or even your fingerprints.

However, there are many perceived issues using 2FA. Using hardware, such as Yubico’s physical security key (which you plug into a USB port), is perceived to add more hassle to what would have otherwise been a mere digital transaction – physical devices have to be ordered, delivered, and replaced whenever these are lost.

Biometric scanners are slightly more secure than others and are constantly being upgraded (e.g. iPhone X’s Face ID) but the cost might prove to be a deterrent to many people. One of the more common security measures is the use of a code sent to the user’s phone during every login session. While this might be the cheapest (and often free) option, text messages can still be intercepted.

2FA is not a fool-proof method but is undoubtedly one of the best ways to protect ourselves. Yubico’s CEO, Stina Ehrensvard, notes that the problem with the laxity in security is our perception that being hacked might never happen to us. However, hackers count on this naïve belief. After all, most people think that they will not need an extreme level of security for ordinary accounts that, more often than not, contain only mundane information.

People who use 2FA are often those who have already been hacked or are aware of the dangers of getting hacked. However, many still fail to realize this.

I for one, am taking advantage of the many 2FA options available to us. Google Authenticator is one of the best (and free) options on the market, but there are also other applications available—some are even feature-integrated into the apps that we use on a daily basis. Applications like Facebook, Instagram, Google, Microsoft, and Apple have been pushing for the use of 2FA since 2010. But at least, you might note that if you logged in to Google or Facebook in a public place, or in another location or computer, it will most likely send a code to your cell phone, and not allow you access until you input it. I think that should be the minimum you should do in your settings to provide unauthorized access.

A business supplier in China found out that a hacker has been lurking in his email for days, and during the crucial stage in which they were trying to close the deal, the hacker then secretly sent an email to the customer telling him to deposit the funds into another account. Good thing it was found out.

If you can, check how you can have two-factor authentication and use it.


VIEW COMMENTS
DISCLAIMER:

SunStar website welcomes friendly debate, but comments posted on this site do not necessarily reflect the views of the SunStar management and its affiliates. SunStar reserves the right to delete, reproduce or modify comments posted here without notice. Posts that are inappropriate will automatically be deleted.


Forum rules:

Do not use obscenity. Some words have been banned. Stick to the topic. Do not veer away from the discussion. Be coherent. Do not shout or use CAPITAL LETTERS!

sunstar.com.ph