No, Beyonce isn’t rewriting her songs for National Cyber Security Month, but there’s something from her lyrics we can learn.

What is Two-Factor Authentication?

Two-factor authentication is based around the idea that requiring multiple forms of authentication makes an account more secure. These forms are broken down into three categories: something you know, something you are, and something you have. Something you know is most commonly a password. Something you are could be face ID or a fingerprint. Something you have could be a cellphone or token. By combining two of these forms of authentication, your account will not be compromised if one of the forms is compromised.

The most common two-factor combination is something you know (a password) and something you have (a cell phone). Using this method, a user will enter their password and then receive a text message on their phone with a message containing their second class for authentication and which expires after it’s used.

Issues with Two-Factor Authentication

Using a cell phone as an additional method of authentication is not perfect by any means. Attackers have been able to demonstrate the ability to intercept text messages that contain the two-factor codes. This has allowed them to then log in and compromise accounts. On top of this, cell phones are fragile. If a cell phone is damaged or lost, users would be unable to access their accounts.

Some might hear the issues related to cell phone based two-factor and decide that the risks outweigh the benefits. That would be the wrong response. Password breaches are out there. It’s not a matter of if, it’s a matter of when. Two-factor authentication is a critical component of reducing the impact of compromised passwords. In this case, something is better than nothing.

A Decision

What information do you want to protect? What data is precious to you? If it is something that you want to keep private and secure, make sure you put two-factor authentication on it. If you don’t, it’s much easier for someone to compromise your account and steal your information.

Aaron is a Senior Network Engineer at Symplexity. He achieved his CCIE Collaboration in 2014 and has more than 15 years of experience working in the IT sector. Aaron provides penetration testing(red team) services for our Symplexity Secure clients to help them validate existing security controls and simulate real world attacks on their networks. When not at work, he enjoys biking on Fort Wayne’s wonderful network of trails, smoking meat, and building Legos.

Ready to take your technology to the next level?

Contact Us Now