<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=4052188&amp;fmt=gif">


In 2014, there were so many major data breaches that it’s barely even news when millions of customer profiles are compromised. It’s easy to think that hackers will find a way to break into our systems no matter what we do. But you might be surprised to find that one simple precaution could protect you from hackers—two-factor authentication.

A recent article in PCWorld warned that companies are setting themselves up for a hack if they don’t take advantage of two-factor authentication.

“While people may claim that the attackers in these breaches are advanced, sophisticated, or state-sponsored, their actual execution is quite simple in nature,” Jon Oberheide, co-founder and CTO of Duo Security, said in the article. “Simple phishing and other credential theft attacks have not only been the initial entry vector to these companies, but also how attackers move laterally within an organization to reach their eventual target." 

The Benefits of Two-Factors

There are usually three ways to prove someone’s identity:

  1. Something you know, like a password

  2. Something you have, like a cell phone

  3. Something you are, like your fingerprint

Usernames and passwords are the most common way to authenticate a person, or to prove they are who they say they are. Even though this method uses two pieces of information, it’s considered single-factor authentication because both the username and password are things you know.

two-factor-authenticationA person’s username is usually fairly easy to guess, and passwords are increasingly easy to crack or steal. In fact, hackers often get access to usernames and passwords through phishing attacks. High-profile breaches like those at Target, Home Depot and Sony started with a simple intrusion. 

“Had those organizations used two-factor authentication, and also required something you have or something you are, the attackers wouldn’t have been able to do much with the username and password,” Tony Bradley, principal analyst with the Bradley Strategy Group, said in a recent PCWorld article. “However, two-factor authentication alone is not enough. It has to be properly implemented two-factor authentication.”

Two-Factor Use Remains Limited

Many companies already use multi-factor authentication, but they only use it for key users or servers. But hackers only need one server that’s not protected by multi-factor authentication to gain access.

“It’s like locking every door and window in your house except for one, and hoping a burglar isn’t thorough enough to find the one unlocked entrance,” Bradley said. “It’s only a matter of time until a username and password is compromised, but as long as the attacker doesn’t also have the mobile phone or fingerprint that goes with those credentials, the data will still be safe.”

Bradley goes on to recommend that all companies and individuals use two or more factors of authentication everywhere possible.

Free e-signature security eBook

You may also like

'Tis the Season for Low-Tech Fraud: 10 Ways to Protect Your Members
'Tis the Season for Low-Tech Fraud: 10 Ways to Protect Your Members
26 November, 2014

It’s hard to believe the holidays are upon us, and unfortunately so too are the fraudsters. This time of year, fraudster...

Obama: Hacks Show Need for Cybersecurity Law
Obama: Hacks Show Need for Cybersecurity Law
14 January, 2015

This week, President Barack Obama announced that he will push for cybersecurity legislation following the recent cyber a...

Peter Montoya: SIGNiX is an Industry Leader in Financial Services
Peter Montoya: SIGNiX is an Industry Leader in Financial Services
16 February, 2015

We're pleased to announce that we've added MarketingPro, Inc., to our growing client roster. The marketing company, whic...