We’ve all been using digital platforms long enough for logging in via a password to become second nature. As we’ve become more and more accustomed to this authentication method, two things have happened. We’ve become lazy with our passwords, either making them too simple or reusing them, and hackers have invented dozens of ways to steal our credentials.
Passwords are by far the dominant method of user authentication, and they are also the top cause of data breaches. This single-factor authentication method is notoriously insecure due to various issues, including poor password hygiene, phishing attacks, credential dumping, and employees sharing passwords with unauthorized users.
Here are just a few nerve-wracking password statistics assembled by DataPro:
- 51% of people use the same passwords for both work and personal accounts.
- 57% of people who have already been scammed in phishing attacks still haven’t changed their passwords.
- 33% of account-compromise victims have stopped doing business with companies and websites that leaked their credentials.
When the only thing standing between your confidential business files and a hacker is a password, you’re not facing great odds.
Too often, employees choose weak passwords or use the same one for multiple accounts. (The most common password in 2020 was, unbelievably, “123456.”) This makes it simple for an unauthorized person to access all of your accounts if they’ve got a list of emails and passwords from an insecure site’s data breach. They just type in the details like a regular user and immediately have access to everything the account offers.
Luckily, all hope isn’t lost.
What is two-factor authentication?
Two-factor authentication is a much more secure way to protect your business data. According to MobileIron’s chief marketing officer Rhonda White, “The key to reducing this risk is to ensure that the stolen credentials are worthless against your infrastructure by implementing multifactor authentication methods.”
Two-factor authentication requires the user’s password and a separate method of confirmation.
The second authentication factor can come from one of these groups:
- Knowledge factors — passwords, PINs, answers to security questions, or any other information that (theoretically) only the user knows.
- Physical factors — ID cards, security tokens, cell phones, or another type of physical item the user must have with them to access the account.
- Biometric factors — fingerprints, voice recognition, facial recognition, or other personally identifying biological metrics.
For an unauthorized user to get into your account, they’d need your username, password, and the designated second confirmation method. Of the three groups, the knowledge factors are the least secure. As with a password, this type of information can be leaked in a data breach or easily figured out with some low-effort sleuthing. It’s much more difficult for hackers to gain access to physical or biometric authentication factors.
Is two-factor authentication foolproof?
There are few, if any, security measures that can be considered entirely foolproof. As long as there are criminals devoting time and energy to stealing something, security methods will have to be continually improved.
Though two-factor authentication doesn’t guarantee your data’s safety, it is much more secure than using a simple password to access an account. If we think of it in terms of physical security measures, a password would be like the lock on a child’s diary, and multifactor authentication would be like a vault door.
One vulnerability of 2FA is a platform’s account recovery process. Some platforms have account recovery protocols that bypass the two-factor authentication if a user claims to have lost their login information.
Most companies intentionally make account recovery a time-consuming procedure. While very frustrating to legitimate account users, it does help discourage hackers from exploiting this angle. Even though account recovery is a potential vulnerability, most unauthorized users aren’t going to want to invest the time when there are much easier targets available.
So, why isn’t everyone using 2FA on every account?
As you’ve seen, two-factor authentication is much more secure than password protection alone, so why wouldn’t everyone use it?
Like most things in business, it comes down to time and money.
Depending on the authentication method a company chooses, 2FA can be expensive to implement. Authentication factors such as facial recognition or security tokens require a significant investment, and companies that go this route have extremely high-value data they need to protect.
Smaller businesses will be relieved to hear that they can still beef up their data security with 2FA without a hefty price tag. Companies can choose to have the second factor be a code delivered to the user’s cell phone or email, so they don’t have to provide any hardware to users.
As for the time issue, there’s no getting around the fact that 2FA adds another step to an employee’s login time. It’s a matter of mere seconds, but in today’s fast-moving world, a few seconds’ wait seems interminable to some. Employees also have to adapt to a new routine, which can take some time.
Because of the time and perceived hassle, and the potential investment required, two-factor authentication tends only to be used on accounts that contain valuable or sensitive information.
What does two-factor authentication mean for your business?
Implementing 2FA for business files means:
- The sensitive information in your business files won’t be easily accessed by unauthorized users or stolen by hackers. You can confidently store and share your documents within your secure platform.
- Users will have to adjust to completing one quick extra step to access their accounts.
- Depending on your choice for the second authentication factor, your company might need to invest in new software or hardware.
Does Onehub offer two-factor authentication?
So glad you asked! Yes, we do.
Two-factor authentication is available for our Advanced, Data Room, and Unlimited plans. These plans also offer many other powerful security features, including password standards, so users can’t get away with stunningly bad passwords such as “password” or “123456.”
If you’re a Onehub user, you can follow this video to learn how to enable 2FA on your account.
If you’re curious about how Onehub’s cloud storage and file-sharing service can protect your business data and improve your team’s collaboration, sign up for our no-strings-attached 14-day free trial.