2FA
Apps,  Security

What is Two-Step Verification

Two-factor authentication is a new level of your data protection. To access your account, you use not only login and password but also additional authentication factors. One of the most popular second authentication factors is a one-time password (OTP). Two-factor authentication with OTP is a flexible and affordable solution. You can get OTP in different ways: SMS, e-mail, software application, or hardware device.

So what are the pros of using 2FA?

  • The main advantage of 2FA is reliable data protection as the right to access no longer relies solely on a password’s strength.
  • If you lose one of the authentication factors (lose your hardware token or a thief gets access to your e-mail box), your data still will be under protection.
  • It is easy to use as it does not require any obscure information that is difficult to remember.
  • It is inexpensive as users can install free apps, and there are many offers for corporate customers. Also, it is comfortable for business as it requires little employee training and education.

Can 2FA be hacked?

It depends on the 2FA. Some 2FA schemes have been broken before and made public,

  • Hackers broke into RSA security and stole master keys for some RSA tokens. They were subsequently able to produce functional copies of RSA tokens in use at a large defense contractor to enter that company’s VPN. RSA replaced the vulnerable tickets.
  • Hackers exploited weaknesses in the SS7 signaling protocol to redirect text messages used for authentication to other destinations. They were able to use this to gain access to bank accounts.
  • A hacker was able to socially engineer AT&T to switch an account to a phone in his control. This was also used to access online banking for his target.

It depends. If you use a text message-based two-factor authentication service. Someone determined enough can get in. You’re better off with an offline solution (e.g., Google Authenticator). Which offers better security.

Leave a Reply

Your email address will not be published. Required fields are marked *