1(630)802-8605 Ravi.das@bn-inc.net

Our last blog looked at what 2FA is all about.  It is an acronym for Two Factor Authentication.  In non geek and non techie terms, it simply means that you have two layers of security for your Smartphone or any other wireless device.  In this kind of configuration, you normally still have to enter a password or a PIN, but after that, it gets a little bit more tricky.

For example, you may have to answer a Challenge/Response question (don’t you just love those), entering in a Captcha (yuk), or even having your fingerprint or eye scanned.  This is also known as Biometrics, and in fact, Apple was the first major wireless provider to offer the use of fingerprint recognition in both their iPhone and iPad series of models.

This is system is known more fondly s the “Touch ID”.  But, Apple did not actually did not invent this, rather they bought out a Biometrics vendor known as Authentec, and with that, also gained ownership of their intellectual property, which included their optical fingerprint sensors.  So, we are going to continue with the theme of 2FA, looking into the advantages and disadvantages.

The advantages:

  • When compared to using just one layer of security, 2FA offers a much stronger lines of defense-after all, two layers are being used now.
  • It is harder for the hacker to break into your Smartphone or wireless device. But keep in mind, that this depends on what is being used.  If you are using just a password for the first layer and a PIN for the second, it is quite possible that your device could be hacked into in just a matter of minutes.  But if you are using fingerprint recognition, then of course, it will be much harder to break into.
  • If you are a business owner, using 2FA will help not only to keep your devices more secure, but you will have a greater probability of staying out of the news headlines, unlike Target, Sony, or Home Depot.

The disadvantages:

  • It can be very tedious and time consuming to use. For example, if typing a password you can’t remember is hard enough, just imagine if you have to carry a FOB around for the second layer-such as that as an RSA Token, which is widely used by many businesses and corporations today.
  • If you have many employees, then using a 2FA could be very time consuming. Assume you have 100 employees, 5 logins a day, and it takes 5 seconds to get through the 2FA.  That means 2,500 seconds, or 41.6 hours of worker productivity which is lost.
  • People (especially remote employees) will most likely resent having to carry an extra security device with them, if that is what is used for the second layer of security.
  • Implementing a 2FA means more training is required-once again if something like an RSA token is being used or fingerprint recognition and/or eye scanning.

Whether we like it or not, 2FA is here to stay, and on a permanent basis.  But given the escalation and sophistication of Cyber attacks, who knows maybe we will have 3FA?  5FA?  Or perhaps even 10FA????