Two-factor authentication or 2FA has become the latest tool to save millions of online users from account breaches. The truth is, it’s been around for a while now, although adoption is still slow. Many tech giants like Apple, Microsoft, Amazon, Facebook, and Twitter have already made it widely available for their users. In early May, Google even announced plans to make 2-step verification a default feature on its security settings. This has spurred even more conversations about 2FA and its critical role in keeping accounts safe.
So, what is two-factor authentication, and why has it become such a hot topic in 2021? Let’s find out.
Growing security threats and the demise of password prowess
The rising cases of security breaches have constantly been making headlines for their epic scale and reach. If you haven’t experienced a data breach already, chances are you at least know someone who has. It’s that common. According to Verizon, 80% of hacking-related breaches are the result of brute force or lost or stolen credentials. This hardly comes as a surprise, considering 15 billion stolen passwords were on sale last year.
If stealing your password is that easy for a criminal, can you continue to rely on passwords to keep your data safe? The problem is not really with passwords themselves. It’s the lack of understanding of password security that often leaves users vulnerable to account breaches.
If your idea of a password is “123456” or “password” or even your name or high school, then you’re inviting trouble. The issue with passwords is that they’re hard to remember. And when you have several accounts in use, from social media to emails, it could be impossible to keep tabs on them all.
So, many people resort to easy-to-remember passwords. Even worse, they reuse account credentials, so they only have to remember one. A Google study shows that 65% of individuals use the same password across several or all their online accounts. And when you keep making such errors in judgment, passwords could become a security threat.
Another reason for their waning prowess is that passwords are prone to theft. Just think about it. They are incredibly easy to store and share. This makes them more accessible to third parties. For instance, you can save them on your browser or share them in an email. So, a smart cybercriminal just needs to launch spyware on your device to extract saved browser data. Or they could hack into your emails and trace a communication thread containing account credentials. They can even launch a phishing attack and trick you into sharing log-in passwords.
Using two-factor authentication as a security buffer
Against the backdrop of all these password-related security vulnerabilities, tech companies have been quick to adopt 2FA features. After all, an account breach is an issue for the account-hosting platform, as much as it is for you. It could significantly erode their credibility and may even leave them with a hefty fine. So, more and more companies are now encouraging their users to adopt two-factor authentication to strengthen security.
2FA is a simple technique to add an extra buffer to the existing safety measures. It has been designed to avoid many of the practical flaws of the conventional password. For example, 2FA doesn’t require you to set up mind-boggling phrases or to memorize them. Typically, the second factor is not sharable, either. This could help minimize credential theft.
So, what types of two-factor authentication are available today? We can broadly classify the most common 2FA features into two categories.
The most frequently available 2FA tools involve a one-time passcode. When you enter your account password, the second verification process will generate a random passcode, which you should then enter to access your account. This is the second security factor of authentication.
How the passcodes are generated and shared could differ based on the specific 2FA tool you’ve opted to use. For example, you can receive them in an email or a text message. You can also use a USB device or an app installed on your phone to generate them. Many companies offer several 2FA options. Twitter, for example, allows its users to receive a randomly generated passcode through a text message, an authentication app, or a security key device.
Whatever the option you choose, these passcodes are typically available for a short period. If their usable time is 60 seconds, you’ll need to enter them within that specified period before they become invalid.
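How a time-limited passcode can be generated on the phone and checked by the service, as an added example that is not part of the original article. It assumes the app-based codes follow the TOTP standard (RFC 6238), which the article does not name, with a 60-second window as in the paragraph above; the `Verifier` class and the sample secret are constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds a code stays valid (assumption: the 60-second example above)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: int, step: int = STEP, digits: int = 6) -> str:
    """RFC 6238: the counter is the number of whole steps since the epoch."""
    return hotp(secret, now // step, digits)


class Verifier:
    """Hypothetical server side: accept a code once, only inside its window."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_used = -1  # highest time window already accepted

    def check(self, code: str, now: int) -> bool:
        counter = now // STEP
        if counter <= self.last_used:
            return False  # a code for this window was already used: replay
        expected = hotp(self.secret, counter)
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return False  # wrong code, or one from an expired window
        self.last_used = counter
        return True


def demo():
    secret = b"12345678901234567890"  # constructed sample (RFC 4226 test key)
    server = Verifier(secret)
    code = totp(secret, now=30)  # what the user's app displays at t=30s
    return [server.check(code, now=45),   # entered in time: accepted
            server.check(code, now=50),   # replayed in the same window: rejected
            server.check(code, now=75)]   # entered after the window: rejected

if __name__ == "__main__":
    print(demo())
```

Rejecting a second use of the same window matters as much as the expiry: a code that was observed or phished is worthless once the legitimate login has consumed it.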
Biometric two-factor verification is also gaining popularity, although not as fast as the one-time passcodes. It can involve voice, face recognition, fingerprints, iris scans, and various other physical identifiers. Needless to say, these are unique and not the easiest to steal. They are also convenient to use for authentication compared to the tedious process of memorizing passwords.
Evidently, the higher costs of biometric 2FA are making it lag behind its other two-factor counterparts. However, many experts consider it to be one of the most powerful 2FA tools available today.
How safe is 2FA?
No security tool is foolproof. There are always loopholes and room to improve. So, despite the impressive security features of two-factor authentication, it’s not entirely uncrackable.
There are moments when criminals could infiltrate 2FA security layers. For example, your email account can get hacked, and your phone or USB security key could get stolen. In those instances, a one-time passcode verification might no longer keep your accounts secure. Similarly, even your biometrics could be hacked and replicated. Although this is still rare, it’s certainly a possibility with advancements in technology. Having said that, two-factor authentication is undeniably a step ahead of traditional password security. The unique benefits of 2FA could make it a more practical and effective solution to fight common security threats.