Two-Factor Authentication is Now a Security Standard

For quite some time, a username and password were all we needed to log in to a site. As long as we chose these ‘gatekeeper’ identifiers wisely, and made them difficult for others to replicate, we thought we’d be safe.

In short order, we learned differently. Cyber-thieves soon learned how to infiltrate our ‘password protected’ accounts. With the basic ‘username and password’ system, it was too easy for hackers (individually and collectively) to gain access to personal and financial data, and too often to use that information to extort and exploit for their own financial gain.


Two-Factor Authentication Protects Your Accounts from Hackers

Two-Factor Authentication (2FA) is an extra layer of security for protecting logins to important websites that contain sensitive information, such as your bank, email, and phone system. Also called 2-Step Verification, the sign-in process requires a username and password plus an auto-generated security code that is unique every time. This additional security code, or authentication code, is retrieved through an app on your phone.

Two-factor authentication protects your account even when your username and password have been hacked.

Without this authentication code in their hands, a hacker is prevented from moving forward in the login process, even if they’ve managed to hack your username and password.


How Does Two-Factor Authentication Work?

Two-Factor Authentication requires a new security code, generated by an app like Google Authenticator, every time you log back into a website. This means only the person who has physical possession of the phone and also knows the passcode to get into the phone can gain access.

Once you have two-factor authentication enabled on a site, here’s a general idea of how it will work when you try to log in:

  1. You type in your username and password as usual.
  2. You proceed to the next step, which will ask you for an authentication code.
  3. You open the authenticator app to get the code.
  4. You type the 6-digit code into the website, and you’re in.

Usually your browser will keep you logged in for a period of time on the same machine, so it’s not like you’ll need to go through the authentication process every day.


Two-Factor Authentication for Business Phone Systems

Two-Factor Authentication is a critical part of protecting your business phone system from hackers, and should be implemented to help prevent breaches that can lead to exposing other parts of your business. Whether you have an internet phone system or traditional service from your local cable provider, you should secure access to your accounts.

For example, your bank might text you a code to access your online bank account. With access to your phone system, calls and text messages can be read and re-routed. To protect yourself, you should enable two-factor authentication for logging into both your banking and telephone accounts. With multiple sides protected, you reduce the chances a hacker can manipulate their way in.

Learn how to enable Two-Factor Authentication on your Telzio phone system.

Telzio offers two-factor authentication for both Account Owners (administrators) and Users (employees), using the Google Authenticator app. Activation is a very simple process that anyone can accomplish.


Two-Factor Authentication for Business Services

Historically, 2FA has been around for a while, but only within the last few years has it become more prevalent.  Two-factor authentication is essentially a method of confirming a user’s claimed identity by utilizing a combination of two different components. The use of multiple authentication factors to secure our online identity is based on the premise that an unauthorized actor is unlikely to be able to supply the additional factors required for access.

In addition to the most obvious example, banks, two-factor authentication is available for the most commonly used business services today, including:

  • Slack,
  • Gmail,
  • Amazon Web Services,
  • Salesforce,
  • Mailchimp,
  • Stripe,
  • Square,
  • QuickBooks,
  • Zendesk,
  • PayPal, and
  • GitHub.

Beyond the use of two-factor authentication in protecting accounts over the web, we also see it used in other ways, like over the phone and in person. Just for fun, let’s explore two of them.


Verbal Passwords: Another Form of Two-Factor Authentication

With just your mobile phone number and what is called ‘social engineering,’ online thieves can assume control of your account with limited technical knowledge.

This can be initiated when someone gets a hold of some of your contact info — that is, your address, birthdate, the last four digits of your social security number. From there they can infiltrate your email to uncover your username and password to make a withdrawal.

This is where a ‘verbal password’ could stop hackers in their tracks. Once you establish this two-step verification with your bank, a thief could not complete a withdrawal without responding to the question, “what is your verbal password?”


Biometric Authentication Protection

Biometric Authentication relies on matching a user’s unique biological characteristics against biometric data stored in data banks. A number of these new technologies have emerged over the last decade. They store ‘retina scans,’ ‘fingerprints,’ ‘facial recognition,’ and ‘voice identification.’

Both Google and Apple have been advancing this technology for some time now. It is good to note that, with fingerprinting, both of these tech firms allow users to secure their fingerprints on their devices but do not store them on their servers.

Apple’s new Touch ID, found on iPhone 7 and later iterations, also does not store the actual image of your fingerprint, but instead a mathematical representation of it. The assumption is that if online thieves gain access to this mathematical representation, they cannot reverse engineer it to reveal the actual image of your fingerprint. Not only that, your fingerprint data is also encrypted.

Android phones operate similarly. They secure your fingerprint data in their main processor, called the Trusted Execution Environment (TEE), which doesn’t interact with any of a user’s installed apps.


No Time to Waste

While at first glance two-factor authentication may appear cumbersome and time-consuming, the time and effort invested in securing your online services with this extra layer of security is worth it.

Enabling 2FA can take just minutes. Today, it’s a necessary preventative measure that can help you avoid hijackings of your business data and the time lost recovering from potential losses.

Ron is part of the marketing team at Telzio, covering everything from tips and tech for growing businesses to customer success stories for the Telzio blog. Previously a Director of Advertising and Public Relations at Marriott International, Ron has published several books including the award-winning graphic novel Facebucks.