2FA – Two-Factor Authentication – is an essential extra step in ensuring your organization is adequately protected from unauthorized access. So what is 2FA and why does it matter?
2FA usually involves an additional code, sent by SMS or generated by an authenticator app, which is used as a third piece of information when signing in – on top of your username and password.
But why do we need 2FA? Don't we already have passwords?
While a strong password goes a long way to securing your login, passwords on their own are not perfect. People often create passwords which are weak and easy to guess, and many sophisticated and open-source password cracking tools exist and are leveraged by cybercriminals. Passwords are also regularly stolen and leaked online (the recent Optus data breach is a good example of just how devastating data breaches can be), and securing a user account with a password alone can make the account vulnerable to bot attacks.
This is why 2FA is important. A password alone is not enough to safeguard your account. This is especially the case in small businesses, as you may not have enough specialised staff to enforce a strong password policy.
2FA provides an additional layer of security on top of your standard credentials. This makes it harder for accounts to be accessed and compromised by malicious third parties. If a hacker were to guess your password, they still would not be able to get in if they didn’t have your 2FA code.
This is why, as a best practice, it is recommended to ensure all admin accounts are protected by 2FA, as well as anywhere else that someone may have confidential information.
2FA is also flexible to set up and makes it easier to monitor and audit the logins on your systems, which makes it ideal for detecting potential unauthorized activity.
Popular 2FA tools on the market which can be integrated into your organisation include Okta, Google Authenticator, Auth0 and CyberArk. Most services, like Microsoft, now also include 2FA in webmail.