Santa Clara University

Information Security Office

Information Security News and Events

Two Layers of Added Security

Wednesday, Jul. 15, 2015

To protect your account, passwords are a must. They provide you with added security to keep prying eyes away from your information and data. However, passwords can only do so much to keep your account safe. Passwords are stolen all the time. Doing things such as using the same password for more than one site, clicking on links in emails, or using a weak password can increase your chances of getting your password stolen. 

(For more information about passwords, please visit: http://www.scu.edu/is/secure/guides/passwords.cfm)

When someone steals your password, they can lock you out of your account and use it for malicious deeds. If you use the same password for multiple sites, the perpetrator may gain access to all of them. 

This is where two-factor authentication (2FA) comes in. Most people have one layer (their password) to protect their account. 2FA adds a second level of authentication to an account log-in. If a bad guy hacks through your password level, 2FA makes it harder for him to get into your account. 

2FA requires users to have 2 out of 3 types of credentials before they can access an account. The types are: 

  • something you know (PIN, password, pattern, etc.)
  • something you physically have (ATM card, security token, phone, text message, etc.)
  • something you are or do (fingerprint, voice, facial recognition, signature, etc.)

Here is an example of a 2FA login:

When you log on to your account, you enter your password and your phone gets a text message with a "code" that will give you access to your account. You will need both the password and code for the login process. 

So what’s all the fuss about two-factor authentication anyway? Why should I use 2FA?

Well, one of the biggest reasons to use 2FA is the added security it gives you. 2FA makes it harder for attackers to hack into your account; instead of trying to bypass one layer of security, the attacker has to bypass two layers. However, this doesn’t mean that 2FA is a sure way to stop people from getting into your accounts. It just improves security with little effort on your part. 

So does this mean that I can use easier passwords if I use 2FA?

You have some leeway for using a slightly easier password now that you have an extra layer of security, but I would still highly recommend that you use strong passwords to keep your accounts more secure. 

Okay, so what are some downsides to 2FA?

One downside to 2FA is that most people use it on their cellphones. I admit that this is the most convenient method, but if you’re using your phone to enter both a password and the second layer of security, it becomes less secure. There’s always a risk that your phone could be stolen or that malicious apps might attempt to steal your stored passwords. Nowadays, a typical cellphone contains everything but the physical keys to your door.

The other downside is that 2FA can be a hassle. It takes a moment to set up, but when you want to log in, 2FA requires that you have access to the thing that you are using for 2FA. This is also why more and more people are using their smartphones as the token.

Some sites that allow two-factor authentication:

  • Facebook
  • Gmail
  • Twitter
  • LinkedIn

Now that you know a little more about two-factor authentication, the ball is in your court. Some people choose to use 2FA, while others opt not to. What will you do?

 

Tags: 2-factor authentication, 2FA, digital security, encryption, information security, infosec, password, security, smartphones, two-step authentication

Information Security Office, 1-408-554-5554, iso@scu.edu