What is Two-Factor Authentication?
Ok to start with we thought we should explain the word “factor”, when we use the word “Factor” it means piece of information. So if a system requires two “factor” authentication it requires two pieces of information in order for you to access that system. An everyday example of two-factor authentication is EFTPOS: it has a PIN, and a card.
Most of the time the single factor would be a password, when you have other factors these could be a pin code, your fingerprint, or other biometric aspects such as your signature or a physical item such as a key, or a chipcard. Each additional factor makes it harder for someone to guess their way in.
Why would I implement this ..?
Some people are duped via email into typing their email username and password into webpages in order to allow them access to some sort of attachment… If a user enters their username and password into one of these “phishing” sites they will generally find that their email will be compromised and potentially used by hackers to spread all manner nasties to all of their contacts and more.
This is where 2 factor authentication comes in to save the day… If this user (the one that had entered their username and password in the Phishing page) had 2 factor authentication the “hacker” would require the other “factor” in order to access their email etc. As they would not have that, their email would still be safe and the hackers would get nothing!
How does it impact me when I am logging on ?
Once setup you won’t be bothered by your phone or by your desktop email software every time you open your email to read it.. we don’t want you getting frustrated by the process and if hackers have your phone or desktop computer you have far more serious issues to deal with..
It will only be when you access your email via a webpage or with a new device (the same way the hackers will be trying to get into your email) that the 2 factor authentication will kick in..
Why should you use it?
You’re already using it, every day, why not extend it to your personal and business data? At IT Engine, all staff are required to use two-factor authentication because we need to protect our data, our assets, and the data of our clients.
How can I implement this?
If your email is with Microsoft in office365 then this “2 factor authentication” can be setup by your IT team to be both effective and minimally intrusive.
Talk to us, chances are most of your systems have the capability to use two-factor authentication. It just needs to be turned on, and accompanied by some training to ensure a smooth transition.