On the heels of the recent Samsung Note 7 release, there have been mummers in the IT field on the phone’s unique new security feature: its phone-unlocking iris scanner.
The trend of new devices toting similar alternative authentication features doesn’t seem to be slowing down, and for good reason. According to Verizon’s DBIR, 63% of data breaches involved weak, default or stolen passwords.
The surprising stats don’t stop there either: 80% of data breaches could be prevented by simply using two-factor authentication, according to NetworkWorld.
Interested in using multi-factor authentication at your business but want more info? Let’s start with the basics.
What is multi-factor authentication?
Multi-factor authentication is a security measure that requires two or more forms of verification in exchange for access.
An example is when you log into an online bank account for the first time. The bank may ask for a password and also send you a text message with a code to enter. Now you have multiple authentication factors: the password and the SMS code.
Using multiple pieces of information to authenticate is generally believed to improve security by making it more difficult for attackers to gain unauthorized access. Hackers need to snag more than just a single piece of information to break in.
Jeremi Gosney, CEO of Stricture Consulting Group, cracked 10,223 passwords in 16 minutes. Would your passwords hold up to such attacks? Probably not. That’s why multi-factor authentication might be a good way to help protect your most sensitive data.
What are the three types of authentication factors?
The three basic types of information that can be used to verify your identity are something you know, something you have, and something you are.
Something You Know
Often the most used (and the most successfully hacked), the Something You Know category is comprised of your typical username password/pin number credentials.
When creating a password in this category, be sure to use multiple letters, numbers and symbols to make your password strong against hackers.
Something You Have
The Something You Have category is pretty self-explanatory. You verify your credentials by either using a code provided by a handheld token or the token itself.
For example, you might have a USB device on your keychain that plugs into your work laptop to log on, or you might have a small device that spits out a number every few minutes, and you use that number to securely log into your accounts.
Another popular version of the Something You Own category is SMS messaging. While not recommended, organizations such as Facebook and Yahoo will send users special pin numbers via text message when verifying user identities.
Something You Are
The Something You Are category, also known as biometric authentication, requires physical proof of identity for access.
Mobile phones such as the Samsung Galaxy and Note series as well as the iPhone devices have biometric options available when it comes to security, such as requiring your thumb print (or now a scan of your iris) to unlock your phone.
By implementing two or more of these authentication factors into your company’s policy, you can greatly increase your chances of negating a successful breach.
How to Get Started with Multi-Factor Authentication
Implementing multi-factor authentication may be easier than you thought.
Many companies such as Google and Apple already have multi-factor authentication options built in to their programs, which you can enable for more security.
To see if your favorite pages or email sites have multi-factor authentication options available, search here.
If you’re looking for outside services, NetworkWorld also did a comparison post on some of the top multi-authentication programs in the field.