Two-Factor Authentication (2FA)
When you think of all the happens online
and you consider all that goes on in the
‘networked’ world, you can start to
appreciate the tremendous need for
strong security measures to protect
online assets, data and communications.
Authentication is the cornerstone of any
vigilant network security solution. And
the authentication method used to
protect the vast majority (90+%!) of
networks (user names and passwords) is a
50 year-old solution designed when there
were no networks, no Internet… in fact,
next to no computers!
Passwords suffer from a number of
weaknesses that make them an ineffective
security measure for your network - they
are easy to steal, easy to hack and hard
to remember. The result is both reduced
network security and increased help-desk
costs for resetting passwords.
Two-Factor Authentication – One-Time
Two-Factor Authentication (2FA) is
directly analogous to the way one
‘authenticates’ to an Banking Machine –
you use something only you have (your
unique bank card) and something only you
know (your secret PIN) to identify
yourself to the system.
It is very similar in the networked
world, the ‘something only you have’ is
a password-generating authenticator or
token. The ‘something only you know’ is,
again, a secret PIN.
Your token is your key to the network –
it generates a new password every time
you logon. Your PIN validates that you
are the rightful owner of the token. You
can choose from several varieties of
tokens all of which do the same thing,
they generate a new secure, random
‘One-Time Password’ for every logon.
Anyone key-logging or shoulder surfing
your password will have a worthless
string of letters and numbers as the
password will work once and only once.
Next logon a new random, One-Time
Password is generated.
This secure method of authentication
does what static passwords cannot, it
gives you the confidence and
peace-of-mind that a user logging on to
the network, really is who he or she
claims to be and not someone just using
a stolen, lost or shared password.