A lot of computer systems and websites still user a simple username and password authentication system. We can make our passwords more difficult to a brute force attack by making them longer and more complex with upper and lower case and symbols. One of the problems we have is that most of use have many online accounts that require a password and it is difficult to remember many passwords. I will bet that many people who read this re-use passwords on multiple accounts, and this will lessen the odds of a compromise.
2 step authentication will make it much more difficult for a potential hacker or intruder to access any of your sensitive information. If the system you are logging on to supports 2 step authentication then you should use it. MS Hotmail, Facebook, Google Accounts and some high street banks, to name a few currently offer this form of authentication.
A 2 step authentication system will use one of a number of factors such as something you know such as a password, something you have such as a number generator or smartcard and something you are, that consists of something unique about you. Something you are might be fingerprint or retina recognition or other form of biometrics.
Most of use an ATM card which incorporates a pin number. The pin number is of no use without the card itself, or at least the information on the card. This is an example of a 2 step authentication system. I logon to my bank account online using a simple username and password and an additional number generator supplied by the bank. If someone was to capture your password then without the number generator they would not have full access to my bank account. Both of these examples include something you know plus something you have.
2 step authentication can be compromised, one example being ATM Skimming where additional electronics which scan your card as you insert it into the machine. Combined with a small hidden camera, the thief records your pin number so thief how has something YOU know and something YOU have. There are also versions of malware that can steal information from your computer and hijack sessions to your bank or other online account.
3 step authentication uses all 3 factors, something you know, something you have and something you are. Using 1 step authentication and a four digit pin number, an attacker has around a 1 in 10,000 chance of guessing the pin. By adding something you have such as a smartcard or number generator the odds are significantly greater, in the order of 1 in 10 billion chance. Finally, if you add something you are such as a voice print or retina print then you have now increased the chance of obtaining the information to around 1 in a trillion chance.
The bottom line is that the more steps in the authentication process the more secure the system.
Authentication and security form topics in some of our instructor-led training courses.
2 step authentication will make it much more difficult for a potential hacker or intruder to access any of your sensitive information. If the system you are logging on to supports 2 step authentication then you should use it. MS Hotmail, Facebook, Google Accounts and some high street banks, to name a few currently offer this form of authentication.
A 2 step authentication system will use one of a number of factors such as something you know such as a password, something you have such as a number generator or smartcard and something you are, that consists of something unique about you. Something you are might be fingerprint or retina recognition or other form of biometrics.
Most of use an ATM card which incorporates a pin number. The pin number is of no use without the card itself, or at least the information on the card. This is an example of a 2 step authentication system. I logon to my bank account online using a simple username and password and an additional number generator supplied by the bank. If someone was to capture your password then without the number generator they would not have full access to my bank account. Both of these examples include something you know plus something you have.
2 step authentication can be compromised, one example being ATM Skimming where additional electronics which scan your card as you insert it into the machine. Combined with a small hidden camera, the thief records your pin number so thief how has something YOU know and something YOU have. There are also versions of malware that can steal information from your computer and hijack sessions to your bank or other online account.
3 step authentication uses all 3 factors, something you know, something you have and something you are. Using 1 step authentication and a four digit pin number, an attacker has around a 1 in 10,000 chance of guessing the pin. By adding something you have such as a smartcard or number generator the odds are significantly greater, in the order of 1 in 10 billion chance. Finally, if you add something you are such as a voice print or retina print then you have now increased the chance of obtaining the information to around 1 in a trillion chance.
The bottom line is that the more steps in the authentication process the more secure the system.
Authentication and security form topics in some of our instructor-led training courses.
RSS Feed
