{"id":7835,"date":"2022-02-11T14:56:24","date_gmt":"2022-02-11T22:56:24","guid":{"rendered":"https:\/\/www.islandtechnologies.net\/blog\/?p=7835"},"modified":"2022-02-11T14:56:25","modified_gmt":"2022-02-11T22:56:25","slug":"what-is-two-factor-authentication","status":"publish","type":"post","link":"https:\/\/www.islandtechnologies.net\/blog\/what-is-two-factor-authentication\/","title":{"rendered":"What is Two-Factor Authentication?"},"content":{"rendered":"\n<p>Two-Factor Authentication is a buzzword we\u2019ve been hearing more and more over the past several years. At this point, most people reading this article have probably used two-factor authentication\u2014whether they realize it or not. Still, though, even if you have heard the term you might not know exactly what it means. <\/p>\n\n\n\n<p>What\u2019s defines two-factor authentication? What\u2019s the difference between two-factor authentication and multi-factor authentication? What\u2019s even is an authentication factor? Why can\u2019t we just use passwords? Read on if you\u2019d like to learn more about how two-factor authentication works, and why so many companies are opting to use it to improve security.<\/p>\n\n\n\n<p><strong>What Defines Two-Factor Authentication?<\/strong><\/p>\n\n\n\n<p>Two-Factor Authentication (TFA) is when a user verifies their identity by using two distinct \u201cAuthentication Factors.\u201d That, of course, begs the question: what is an authentication factor?<\/p>\n\n\n\n<p>The most familiar authentication factor we use online is a password. We prove our identity by providing a piece of information (the password) that no one else would know. Because a password is something an individual knows, it\u2019s called a \u201cknowledge factor.\u201d There are several different types of authentication factors, such as:<\/p>\n\n\n\n<p> <em>Knowledge Factors:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> Passwords<\/li><li> Pin Numbers<\/li><li>Challenge Responses (e.g., \u201cwhat\u2019s your mother\u2019s maiden name?\u201d)<\/li><\/ul>\n\n\n\n<p> <em>Possession Factors:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> A keycard you swipe for access<\/li><li> A phone on which you receive access codes<\/li><\/ul>\n\n\n\n<p> <em>Location Factors:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> Website only accessible in certain restricted locations<\/li><li> Credit card freezing if suddenly used outside of the country<\/li><\/ul>\n\n\n\n<p> <em>Time Factors:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> One-time code that must be used within a short window of time<\/li><\/ul>\n\n\n\n<p>\t\t<em>Biometric Factors:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> Iris scan<\/li><li> Voice verification<\/li><li> Facial scan<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.islandtechnologies.net\/blog\/wp-content\/uploads\/2022\/02\/2fa.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"600\" src=\"https:\/\/www.islandtechnologies.net\/blog\/wp-content\/uploads\/2022\/02\/2fa.jpg\" alt=\"\" class=\"wp-image-7863\" srcset=\"https:\/\/www.islandtechnologies.net\/blog\/wp-content\/uploads\/2022\/02\/2fa.jpg 800w, https:\/\/www.islandtechnologies.net\/blog\/wp-content\/uploads\/2022\/02\/2fa-300x225.jpg 300w, https:\/\/www.islandtechnologies.net\/blog\/wp-content\/uploads\/2022\/02\/2fa-768x576.jpg 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/a><\/figure>\n\n\n\n<p>Two-Factor Authentication (TFA) is when a verification process requires exactly two security factors, and each security factor is a different \u201ctype\u201d of factor. For example, a TFA process might require a password (a <em>knowledge factor<\/em>) and a facial scan (a <em>biometric factor<\/em>). That process requires two factors (a password and a facial scan), and those factors are two different types (a <em>knowledge factor<\/em> and <em>biometric factor<\/em>, respectively).&nbsp;<\/p>\n\n\n\n<p>Having the two factors be from different types is key. If we had a process that would require a facial scan (a <em>biometric factor<\/em>) and an iris scan (another <em>biometric factor<\/em>), the process would <em>not<\/em> be TFA because both of the two factors are <em>biometric factors<\/em>.<\/p>\n\n\n\n<p><strong>Single-Factor vs. Two-Factor vs. Multi-Factor Authentication<\/strong><\/p>\n\n\n\n<p>Single-factor authentication is a verification process that uses only one security factor of any type. An example of Single-factor authentication would be using a facial scan to open an iPhone. Single-factor authentication is the simplest and lowest cost to set up, but it is also the least secure.<\/p>\n\n\n\n<p>Two-factor authentication, as already discussed, uses <em>exactly<\/em> two factors, where each factor is a different type. An example of Two-factor authentication would require entering a pin number (knowledge factor) and swiping a physical debit card (possession factor) to authorize a purchase. Two-factor authentication requires a more involved setup, and could be more difficult to use, but provides a substantial increase in security.<\/p>\n\n\n\n<p>Multi-factor authentication is a lot like two-factor authentication: it uses <em>at least<\/em> two-factors from <em>at least<\/em> two different types of security factors\u2014but it can use more as well. So, two-factor authentication is the simplest version of multi-factor authentication. A multi-factor setup might require you to enter a passcode (knowledge factor), do a facial scan (biometric factor), and swipe a keycard (possession factor). Multi-factored authentication that uses three or more factors may be ideal for protecting highly sensitive data, but in most cases, the added protection will be overshadowed by the added inconvenience for the user.<\/p>\n\n\n\n<p><strong>Why use Two-Factor Authentication?<\/strong><\/p>\n\n\n\n<p>Sometimes TFA can feel annoying. You\u2019re just trying to log on to a website, but now you have to check your phone and enter in a security code. While this is an inconvenience, the purpose is to prevent a much bigger inconvenience: getting hacked.<\/p>\n\n\n\n<p>There are two primary advantages to TFA. The first advantage is that TFA makes it orders of magnitude more difficult for cybercriminals to access sensitive data. Those few seconds it takes to enter the security code could prevent major damage and loss of data. More subtly, the second advantage is that TFA allows websites to be more confident that they are showing the right information to the right person.<\/p>\n\n\n\n<p><strong>Why is a password not good enough?<\/strong><\/p>\n\n\n\n<p>Passwords are good when the stakes are low, but in most cases just won\u2019t cut it. Passwords are often stored poorly. Often, people write them down and keep them in their desk, forget to delete them off of old hard-drives, or memorize (and then forget) them. Ultimately this leaves passwords vulnerable to phishing and other external threats.<\/p>\n\n\n\n<p>That said, passwords still have their place. They are the most common and most familiar security factor used online, which makes them easy to implement. Passwords are also a low-cost solution. So, if the information is not too sensitive, the audience is not tech-savvy, and the solution needs to be implemented quickly at a low cost\u2014a simple, single-factor authentication using a password might be the way to go.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Two-Factor Authentication is a buzzword we\u2019ve been hearing more and more over the past several years. At this point, most people reading this article have probably used two-factor authentication\u2014whether they realize it or not. Still, though, even if you have heard the term you might not know exactly what it means. What\u2019s defines two-factor authentication? &hellip; <a href=\"https:\/\/www.islandtechnologies.net\/blog\/what-is-two-factor-authentication\/\">Continued<\/a><\/p>\n","protected":false},"author":8,"featured_media":7862,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[185,184,183],"class_list":["post-7835","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-password-security","tag-tfa","tag-two-factor-authentication"],"_links":{"self":[{"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/posts\/7835","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/comments?post=7835"}],"version-history":[{"count":12,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/posts\/7835\/revisions"}],"predecessor-version":[{"id":7871,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/posts\/7835\/revisions\/7871"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/media\/7862"}],"wp:attachment":[{"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/media?parent=7835"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/categories?post=7835"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.islandtechnologies.net\/blog\/wp-json\/wp\/v2\/tags?post=7835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}