Examples of Two Factor Authentication
For most of digital history, passwords and login credentials are all that have been necessary to access absolute treasure troves of information. The rise in such practices as phishing and data hacks have made this information less secure than ever before. In addition, a number of high-profile data breaches have even made personal information like social security numbers, addresses, phone numbers, and even birth dates more readily available than ever before.
In addition, cybercrime, theft, and fraud are not the only reasons that passwords and login credentials are an increasingly less secure form of user identification. Every year Splashdata releases a list of the top 100 worst passwords culled from the dark web. Every year, the top passwords continue to include "password" and "123456", the same way they have for more than the last two decades. No matter how often users are encouraged to create unique passwords, they continue to be one of the weakest links in any type of cybersecurity protocol. The challenge of confirming a user's identity digitally, combined with the weakness of login credentials alone gave rise to the creation of multi-factor authentication.
What is Two Factor Authentication?
Multi-factor authentication uses multiple means to authenticate a user's identity. Two-factor authentication requires the use of two different means to verify a user's identity. There are essentially three different ways to verify an individual's identity. Two-factor identification uses two different means, while multi-factor authentication can use all three and sometimes even require different means within the same category. The three different means of verifying a user's identity are:
- Something you have: Something you have can include a device such as a cell phone, tablet or smartwatch or it can be something like an account that you control. Some ways that identity can be verified through something you have is either sending a code via email (to an account you control) or to your cell phone or recording the IP address of the device during login.
- Something you know: This can include your login and password information, but it can also include personal information such as the last four digits of your social security number, your address, phone number or other information that only you would know. This can also include security questions about things only the user themselves or someone very close to them would know, such as the name of the street they grew up on or the name of their kindergarten teacher.
- Something you are: As more devices use biometrics to unlock the device, those features are also available to help authenticate a user. Thumbprint scanners and facial recognition software are the third link in the identification trifecta currently being used to identify authorized users.
How Does Two Factor Authentication Work?
Two-factor or multi-factor authentication relies on a combination of different means to verify a user's identity. In some cases, the user may not even be aware that multi-factor authentication is even happening. What may seem like two-factor authentication can also sometimes actually be multi-factor authentication. Here are some examples of two-factor or multi-factor authentication and when or how they might be used.
- Login credentials and device address: Many people may not realize that when they login to a certain site, the IP address of the device they are using is recorded. Then, when they attempt to log in from a different device, it activates an authentication protocol that requires further verification. This can be in the form of answering security questions or entering a code that is sent via email or text message. In this case, the initial login would be a two-factor authentication that would convert to multi-factor authentication if they use a different device.
- Payment information and biometric identification: The internet has made shopping from home easier than ever, but it has also come at a huge cost. Credit card fraud accounts for nearly $25 billion in worldwide losses annually. When all that is needed is the information found on a credit card, it is all too easy to use someone else's information to make purchases. Biometric authentication, however, has changed all that. Today, online merchants can require a biometric scan to authorize charges, which can help protect them from having to foot the bill if someone attempts to use fraudulent payment information.
- Login credentials and security questions: Theoretically, using login credentials and security questions are technically from the same category. They both involve something the user knows. While this is not the most secure means of utilizing two-factor authentication, it is still using two different means to verify a user's identity.
- Smartwatches: Smartwatches can be used to accomplish a number of tasks such as unlocking other devices or even making payments. On the surface, this may seem like single-factor authentication, but in truth, the smartwatch itself has to be unlocked every time a user puts it on their wrist. Once it is on their wrist, biometrics confirm it is actually the authorized user wearing the watch. The watch itself constitutes a form of multi-factor authentication.
Ready for the next step?
Provide your good customers with a sleek, speedy and secure login experience. Choose invisible device-based authentication or multifactor methods that adapt based on a perceived threat.