Jessica Elliott, Contributor, US Chamber
Two-factor authentication (2FA) is a secure method for logging into cloud-based apps and services securely. Many companies, including Google and Amazon, let people enable 2FA on their devices or accounts.
As sophisticated threat actors increase their attacks on small businesses, a two-step verification process adds an extra layer of protection. Below, we’ll examine what two-factor authentication is, how it works and why your small business should use it.
What is two-factor authentication?
Two-factor authentication (2FA) verifies that the person trying to access a device or account is who they say they are. It’s a security feature available on devices and applications or a standalone app called an authenticator.
2FA may also be called two-step authentication, two-factor verification process, or multi-factor authentication (MFA). In short, the first factor is something you know, like your credentials (username and password), and the second factor is something you have, such as your smartphone.
There are three types of evidence to confirm an identity, and 2FA uses two of them. These identity-confirming types of evidence include:
- Knowledge: Information known only by the user, such as challenge question answers or a password.
- Possession: A device, like a YubiKey or a passcode sent to a device, such as a cell phone.
- Inherence: A unique characteristic, such as voice recognition, fingerprint or a retina scan.
How does 2FA work?
Two-factor verification works by using two elements to verify your identity before you can sign in to an application or device. This type of identity verification requires a user to enter their credentials, then complete a second step to access an online account.
The second verification step usually consists of a randomized six-digit code or time-based one-time password (TOTP). Some services also offer biometrics factors, such as your fingerprint.
Two-factor authentication examples
The most common 2FA example is an ATM. You’re required to possess the bank card and know the personal identification number (PIN) to access your account.
Likewise, many popular platforms offer built-in two-factor authentication, including:
In most cases, you sign in to your account online with your username and password. After which, you receive a text message with a six-digit code. Once you enter the code into Google or Facebook, you can proceed to your account.
Over 80% of breaches within hacking involve brute force or the use of lost or stolen credentials.Verizon
Why should small businesses enable two-factor verification?
Defending your business from cyber threats is challenging, especially as the number and types of risks rise. According to the FBI’s 2020 Internet Crime Report, Americans recorded 791,790 cybercrime complaints “with reported losses exceeding $4.1 billion. This represents a 69% increase in total complaints from 2019.”
In addition, Verizon found that “over 80% of breaches within hacking involve brute force or the use of lost or stolen credentials.” Passwords are one of the easiest ways intruders break into your business online.
Once attackers compromise an email account, social media channel or cloud storage, the damage can be far-reaching and affect your business finances and reputation, among other issues.
Requiring two identifying factors reduces the chances of a breach. The best cyber defense plans, though, take a multi-layered approach by using antimalware tools, antivirus programs and strong credential and internet policies.
Top two-step authentication apps for small businesses
Three popular apps for 2FA include:
- LastPass Authenticator: It offers one-tap logins via passcodes, SMS codes or push notifications. LastPass Authenticator is free for one device type. Paid plans for businesses start at $4 per user per month and include a password manager.
- Authy: You can use Authy for free for up to 100 authorizations per user per month or select a pay-per-use plan costing $0.09 per authorization. It supports SMS, tokens, email and voice verifications.
- Microsoft Authenticator: Secure your accounts using time-based codes. Microsoft Authenticator is free and works with most products, including all Microsoft services.
Keep your business data secure using 2FA
Two-factor authentication is an essential defense layer for on-site, remote, and hybrid employees. Use 2FA to supplement your policies and protect your business against cyber attacks.
CO— aims to bring you inspiration from leading respected experts. However, before making any business decision, you should consult a professional who can advise you based on your individual situation.