Jeff Zod is an Information Technology expert.He enjoys developing software, surfing the web, hacking, and securing computer systems.
Second factor authentication which is also known as Two-factor authentication (2FA) method is a two step verification security process where the user can provide two different factors of authentication for the purpose of verifying themselves for an improved protection of the resources and the credentials of the user.
This method of two-factor authentication is more improved than the single factor authentication as it provides better security. Usually, the single factor authentication method depends on only passcode or password but the two factor authentication method depends on password as well as on a second factor which can be a facial scan or fingerprint.
The two factor authentication is used for online banking, online shopping, email, cloud storage accounts, social network accounts, productivity apps, password managers and communication apps. The websites and the network services that are using the two factor authentication method are Google, Facebook, Twitter, Apple, Microsoft, Yahoo, Evernote, Dropbox, LinkedIn, Tumblr, PayPal and eBay.
The two factor authentication is a helpful process that prevents your account from the hackers. This verification process makes it tough for the hackers to break into your account for stealing any kind of information or money.
Concept of two factor authentication
In today’s era, security is one of the major issues faced by governmental applications, banks, educational institutions, military organization and the common people. Therefore, the government is taking various laws and standards related to security so that the confidential information does not get leaked. One of the weak links that is identified in security is the password. As stated by Chaudhry et al (2015), password is one of the common things that are used in the present world but there are several issues related to password.
Often, users create weak password so that they do not have to remember the difficult passwords. Nowadays, most of the systems depend on static passwords for the verification of the identity of the users. These passwords come with major security issues as the hackers can easily steal those passwords by using techniques such as snooping, shoulder surfing, guessing or sniffing. In today’s world, the authentication factors that exists are something known, something possessed and something inherent.
As stated by Jiang et al (2017), the examples of “something known” are password, secret key, pin or private key. The examples of “something possessed” are debit card, smart card, credit card, driver’s license, passport and identification card. The examples of “something inherent” are facial recognition and finger prints. Therefore, the two factor authentication method can be stated as the strongest method for the protection of information and accounts.
The process of authentication that is required to access the login accounts, online newspaper websites, online ticketing and social networking accounts are done with the help of Graphical password or Alpha Numeric Password. Another improved version of authentication that is now available is Biometric Authentication which comprises of iris recognition, finger print and heat beat.
One of the major disadvantages of the OTP system is that the users have to carry the device with him all the time to get the OTP.
The two factor authentication method is normally user friendly in nature as it requires the two passwords to be stored in its system. As stated by Jiang et al (2015), the integrity, privacy and availability of the information are the main concern of the computer security and this can be achieved by using the two factor authentication method.
As stated by Nam et al (2015), human beings often have the tendency to create easy passwords which are prone to hacking and therefore the two factor authentication method which is done with the help of biometrics can provide extra security to the accounts. As stated by Xie et al (2016), this two factor authentication method simply confirms the identification after getting the double verification. It is gathered from the various reports that the biometric authentication is expensive in nature and has some privacy issues. Therefore, the One Time Password (OTP) system is a more effective two factor authentication system.
According to the experts, the two factor authentication method can surely lessen the online extortion and online fraud. This authentication system is mainly used by the banking industry and this can be added without replacing the whole system as only an additional layer is required for the protection of the information.
Usage of two factor authentication by the social networking sites
Facebook – Facebook has over 1.11 billion users and is considered as the most visited social networking platform. According to the studies, it was gathered that nearly 51 percent of the users visited the site once in a month. As stated by Dmitrienko et al (2014), due to the high traffic, the two factor authentication method is used by this website for maintaining the security of the users.
Youtube – This social networking platform allows the users to upload different types of videos and therefore a necessary two factor authentication is a must for the security of the users.
Google + - From the reports, it is gathered that Google + has more than 343 million users and the activity in this site is on a regular basis. Therefore, security is a must for this website and for that purpose the two factor authentication method is used in this website for the security of the users.
Risks of single factor authentication
Depends on the defence of the password
It is due to the static password that the issue related to security occurs. Passwords often do not have the capability to restrict the unauthorised access as it is the one and only defence of the security system. In this authentication system, the user is allowed to enter an email or username with a secure password and the system makes the verification accordingly. If the username and password matches then the user is allowed to enter the system. As stated by Giobbi et al (2017), in the social networking platforms, the passwords of the user are stored in the database in an encrypted form.
In the single factor authentication method, the majority of the users make weak passwords and this can be the reason for the information leak. In other scenarios, the users make the mistake of writing down their passwords in a safe location and sometimes the password gets leaked. Nowadays, the users manage multiple social networking accounts and it is a common tendency that the same username is used by the user in all the accounts and this can be a very serious security issue. The hacker can easily access of the accounts of the user if one account is hacked.
Chances of Phishing Attacks
Phishing attack is a kind of attack technique used by the hackers to lure their victims by sending them emails and by posting URLs in their social media networks. As stated by Konoth et al (2016), the users are convinced to enter the fake websites created by the hackers so that their private and sensitive information are collected. The users are fooled by creating fake websites that look almost like the real ones.
Vulnerability to Phishing attacks
According to the facts, it is gathered that the degree of vulnerability of information decides the level of security that is required for the protection of the information. As stated by Shah et al (2015), it can be explained by the example of medical records of the patients as they are both vulnerable and sensitive. Unauthorised access is strictly prohibited by the medical terms and policies.
Another example of this is the device that is connected to the Internet and accessed by many users. In this case, the information of the users can be very easily traced by the hackers and this can involve loss of information.
As the single factor authentication method uses only username and password it is easily accessible by the hackers. For avoiding such circumstances, the two factor authentication method is used which provides a double barrier for the users.
Risk mitigation by the two factor authentication method
- Improved security – It is the common nature of the users that they write down their passwords instead of remembering them. This writing down of passwords makes them vulnerable to hackers as they can easily get the necessary information. As stated by Cunningham et al (2015), the two factor authentication method provides an exceptional solution to this by generating a unique OTP for every log in attempt or transactions. With this authentication method, the user do not have to worry about information leak as the second line of defence which is the OTP provides a strong even if the password is compromised.
Reduction of data theft – The issue of identity theft has become a major problem for the users in the recent years. The ID theft is a very serious issue as it can cause serious harm to the users. A hacker can easily use your account and can make huge transactions that can be a burden for you. Therefore, the two factor authentication method is used for reducing the cyber crimes like identity theft, phishing and hacking. In the banking system, it is used for the security of the users as it involves the transaction of money. This is particularly important in case of online transaction as the customers use their debit card and credit for various transactions. As stated by Siadati et al (2017), the customers should activate this two factor authentication method and after the authentication the 3D secured payment gateway asks for the OTP for the completion of the transaction. This OTP is secured and is sent only to the registered user.
- Increased productivity and flexibility – Different users are allowed the access to log in into a database by the use of the two factor authentication method. With the use of this authentication method, the users can access the server of their company with their mobiles, hard tokens and USB tokens. With the help of this authentication method, the employees of many companies are allowed to work from a remote area. The productivity level increases as the employees are allowed to have access to the systems of the companies. One of the most famous security solutions that is available today is SSL VPN.
- Reduction of operational costs – With the help of the two factor authentication method, many companies are able to lower their operational costs. The employees are able to access the servers, databases and web portals of the company in a secure manner from their personal devices with the help of two factor authentication method. For this they just need to install the OTP generation software in their mobiles. With the help of this software, OTP is generated and is synced with the company server.
We can concluded that password is one of the common things that are used in the present world but there are several issues related to password. These passwords come with major security issues as the hackers can easily steal those passwords by using techniques such as snooping, shoulder surfing, guessing or sniffing. The improved version of authentication that is now available is Biometric Authentication which comprises of iris recognition, finger print and heat beat. The One Time Password (OTP) system is a more effective two factor authentication system. According to the experts, the two factor authentication method can surely lessen the online extortion and online fraud.
Due to the high traffic in Facebook, the two factor authentication method is used by this website for maintaining the security of the users. In the single factor authentication method, the majority of the users make weak passwords and this can be the reason for the information leak. Phishing attack is a kind of attack technique used by the hackers to lure their victims by sending them emails and by posting URLs in their social media networks. The two factor authentication method provides an exceptional solution to this by generating a unique OTP for every log in attempt or transactions. Different users are allowed the access to log in into a database by the use of the two factor authentication method.
Jeff Zod (author) from Nairobi on September 19, 2020:
Thank you for stopping by. Security in the digital sphere is more critical than ever. Hackers are increasingly becoming crafty hence the need for second factor authentication.
Jeff Zod (author) from Nairobi on September 19, 2020:
Second Factor authentication is becoming more critical as our lives shift to the digital sphere. Banks and financial firms are using it more to secure data.
Liz Westwood from UK on September 13, 2020:
I have noticed increasing use of 2 factor authentication increasingly in recent months. It makes me feel a little more confident in security when it is used.
Pamela Oglesby from Sunny Florida on September 13, 2020:
This is a very well-written article and protecting passwords is rather trickly these days. I like and use the second factor passwords for the banks. Thanks for explaining the situation so well, Jeff.