Passwords have always played a central role in digital security, and that’s not about to change anytime soon. However, relying on them entirely will do little to protect your business from the rising tide of an ever more diverse and sophisticated array of cyberthreats. If the only thing protecting a system is a password, then cybercriminals have a straightforward point of entry.
Why are passwords so vulnerable?
Most businesses already have a stringent password policy in place for all their online accounts. But while a strong password is much more difficult to crack using brute force methods, scammers routinely use covert tactics to dupe people into giving away their login information. After all, if they can get someone to surrender their password, they don’t necessarily need to make any technical effort.
Phishing scams are often carried out to compromise user login data. For example, a phishing email might include a link to a spoofed website that looks like one you use every day. The only problem is that it’s fake, and designed to capture usernames and passwords from victims who think they’re accessing a genuine site. Less sophisticated phishing scams may even ask you to send login details by email, which is something no legitimate entity would ever do.
Adding an extra verification layer
You’ve no doubt seen multifactor authentication before, such as when you log in to an online bank account or try to make a payment online. For example, Mastercard requires you to enter a dynamic code with their SecureCode technology, while Visa asks you to enter a few random characters from a separate passkey with their Verified by Visa technology. Many online bank accounts come with mobile authenticator apps or send SMS codes to verify user identities.
Multifactor authentication adds that critical secondary layer of security to exponentially boost the resilience of a system. In many cases, the secondary verification layer cannot be exploited by a social engineering scammer, since the information is dynamic and constantly changing. In other words, they’d need to get their hands on the secondary verification method, which is usually impossible.
What are the options?
Additional verification factors can be something as simple as a secondary password or even something as futuristic-sounding as a retinal scan. Naturally, certain factors are much stronger than others, which is why it’s good to blend two completely different verification factors to maximize protection. Some systems, particularly those that hold highly sensitive data, even have more than two authentication factors. These factors may include the following:
- Knowledge factors – something the user knows, such as a username, password, ID, PIN code, or answers to secret questions. However, relying on these alone leaves you open to phishing scams.
- Possession factors – something the user has, such as a security token provided by an employee ID card or key fob. For mobile authentication by SMS or mobile app, the phone itself provides the possession factor.
- Inherence factors – something the user is, which typically covers biological traits like fingerprints, facial recognition, or retinal scans. Since the user needs to be physically present to verify their identity, this is one of the most secure authentication factors.
- Location factors – where the user is physically located, which is often provided by a smartphone’s built-in GPS. Although rarely used as an authentication factor, it can be useful in certain situations.
Whatever secondary authentication method you use, enabling multifactor authentication settings is a must. By adding another layer of protection over your passwords, you can keep your business safe from account hijacking and a host of other cyberattacks.
Founders Technology Group provides a full range of managed services your business needs to boost security, performance, and adaptability to change. Call us today to get the technology help you need to protect your business.