If you have been around the IT industry as long as we have, you’ll know that passwords are not enough to secure your digital world.
In 2016 alone, dozens of firms fell victim to password breaches, including Oracle, UC Berkeley, the IRS, Wendy’s, LinkedIn, and the US Department of Justice.
The DOJ, incidentally, is home to the FBI, which according to its own website is the leading federal investigator of cyber crimes in America. So what can the rest of us do when even the Lord Commander of America’s cyber defenses can’t fully protect itself?
The answer is pretty simple: two-factor authentication, or 2FA.
Two-factor authentication is a method of confirming a user’s claimed identity by utilizing a combination of two different components.
A good example is the withdrawing of money from a cash machine; only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, something that the user knows) allows the transaction to be carried out.
The norm with passwords is to change them every few months, and hope that the user doesn’t use an easily hacked password. A lot of research points towards password rotation actually making passwords weaker.
At The Cloud Computer Company passwords are not rotated at all, but we use 2-factor authentication. The only time someone is forced to change a password is if their account is possibly compromised.
To achieve this we use either a YubiKey or Google Authenticator.
Simply put, if we use a PC that we have never logged into our G Suite account with, we are asked for our password and then challenged for the 2FA. So we either insert our YubiKey into a USB port on the PC, or we enter a number that has been generated on the Google Authenticator app on our mobile phone.
If one of our accounts has its password compromised, the hacker cannot get any further, as they require our code or key.
In summary, two-factor authentication is one of the best ways to protect against remote attacks such as phishing, credential exploitation and other attempts to take over your accounts. By integrating two-factor authentication with your G Suite account, attackers are unable to access your accounts without possessing the physical device needed to complete the second factor.