Zacharias 🐝 Voulgaris

10 mesi fa · 2 min. di lettura · visibility 0 ·

chat Contatta l'autore

thumb_up Rilevante message Commentare

The Two Types of Two Factor Authentication and How They Impact Cybersecurity

The Two Types of Two Factor Authentication and How They Impact Cybersecurity

Two Factor Authentication (2FA): a security system that requires two distinct forms of identification in order to access something.


Cybersecurity: the measures taken to keep electronic information private and safe from damage or theft.


(Security) Token: a portable device that authenticates a person's identity electronically by storing some sort of personal information


Definitions source: www.investopedia.com


Two-factor authentication (2FA) is significant not just for cybersecurity fans but for anyone who values their privacy. What's more, it's so widespread nowadays that it's hard to avoid it altogether. But not all 2FA processes are made equal.

With the risk of oversimplifying the topic, we can organize the various 2FA processes into two large categories: app-based and non-app-based. The former makes use of a specialized app, which acts as a token for an additional layer of the authentication process. The latter makes use of a different channel, such as SMS, phone call, or even an iris scan, to validate the user's identity. Naturally, both methods have their strengths and weaknesses, which makes them even more worth exploring.

Non-app-based 2FA has been around longer, and it's an established way of performing 2FA. For more security-critical processes, such as monetary transactions, it can take the form of a physical token (e.g., a specialized fob) that the user has with him at all times. This level of 2FA is good enough for most banks, and it makes identity theft extremely difficult and probably not cost-effective for the majority of cases. Non-app-based 2FA can be more straight-forward, though, as in the case of SMS or phone calls, something that many banks use too, especially for facilitating the pairing of a phone with an account. Note that between the two, SMS is bound to be safer since it can better ensure that the phone number corresponds to an actual phone rather than a VoIP line (though there are exceptions to this too).

App-based 2FA is more often than not a liability, an unnecessary one at that. Despite the convenience this type of 2FA offers, there are many more things that can go wrong (e.g., the app stops working, the app may have a backdoor or even compatibility issues with the latest version of the OS that you just installed). Naturally, a bank is bound to have the resources to build a solid app that doesn't yield any issues. However, most other apps (esp. third-party ones, developed with a smaller budget, often by less qualified developers) are sub-par in that regard. In other words, unless you have to use such an app, you are better off not doing so.

Of course, the topic of 2FA is highly complex, so these suggestions are more like rules-of-thumb. However, they are a good starting point since you've got to start somewhere, and most cybersecurity material on the web tends to be arcane at best. In general, the more sensitive a process is (particularly when it involved sensitive data), the better the cybersecurity it requires. And even if you use the strongest password out there, this may not be enough sometimes. That's why it's good to be aware of various aspects of this field and get acquainted with the terminology. At the very least, you'll be able to keep scammers at bay!


thumb_up Rilevante message Commentare
Commenti
Jatin Vaghela

Jatin Vaghela

6 mesi fa #1

Those who are in the IoT Technology should know about the Top 10 IoT Trends business should follow in 2021 This is a fantastic article. I've also written an article on "Top 10 Emerging IoT Trends that business should follow in 2021". Here it is: https://devstree.wordpress.com/2021/04/06/top-10-emerging-iot-trends-that-business-should-follow-in-2021/

Altri articoli da Zacharias 🐝 Voulgaris

Visualizza il blog
1 settimana fa · 5 min. di lettura
Zacharias 🐝 Voulgaris

Data Management Best Practices for Modern Backend Data Security

Source: pixabay.com (after some processing work)Th ...

2 mesi fa · 2 min. di lettura
Zacharias 🐝 Voulgaris

A Modern Data Pipeline

Source: Semantix Brasil · I generally don't opt fo ...

2 mesi fa · 2 min. di lettura
Zacharias 🐝 Voulgaris

Seven reasons why beBee is better than LinkedIn for professional networking

Is it me, or does this look like a set of bowling ...