Computer Security Technology Ltd


March 4, 2014

What is two-factor authentication?

Security remains a hot topic in the IT world with 2013 seeing more than enough high-profile data breaches to test any user's comfort zone. So could two-factor authentication be the way forward for web logins?

After seeing companies as big as Facebook and Apple fall victim to hackers in the past 12 months, it's easy to forgive internet browsers for feeling a little uneasy. And still the search goes on for an effective way to combat the threats.

One technology being adopted by a growing number of websites and applications is two-factor authentication. So what is it and how does it work?

A combination of identifiers

Two-factor authentication (2FA) is a way for computer programs and websites to confirm someone's identity using two of three possible identifiers. Often called two-step or multi-factor verification, it's seen by many as the best way to avoid relying only on a single, eight-character password.

The identifiers are separated into three categories: something you know, something you have and something you are. A simple example of 2FA is your bank card. When you withdraw cash you make use of something you have - the card - combined with something you know - your PIN number.

Something you know

Obviously the standard password falls under this heading, but it's no longer limited to just maiden names and favourite football teams. More innovative methods are now being introduced, like the pattern-based keys commonly seen on Android devices. This section generally makes use of the knowledge a user has provided themselves when opening the account.

Something you have

This refers to an item in the user's possession. In basic terms, a door key would fit in here as it is an item which allows the barrier to be unlocked. The same principle applies with 2FA but the most common identifiers here tend to be a smartphone or other dedicated device capable of receiving unique, single-use PIN numbers and passphrases. A good example would be the way Google uses SMS to send an instantly generated code to the user. This is then entered into the system after the initial password to act as the second identifier.
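The password-then-code flow described above, sketched from the server's side as an added example (it is not from the original article and is not Google's implementation). The five-minute lifetime, the three-guess limit, the account `alice` and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 300      # assumed code lifetime in seconds
MAX_ATTEMPTS = 3    # assumed number of guesses allowed per issued code

# Constructed sample account; a real service uses a per-user random salt.
_SALT = b"constructed-salt"
USERS = {"alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", _SALT, 100_000)}
PENDING = {}        # username -> [code, expiry time, guesses left]


def check_password(user, password):
    stored = USERS.get(user)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
    return stored is not None and hmac.compare_digest(stored, candidate)


def start_login(user, password, now=None):
    """Step 1, something you know: on success issue a code for SMS delivery."""
    now = time.time() if now is None else now
    if not check_password(user, password):
        return None
    code = f"{secrets.randbelow(10**6):06d}"   # drawn from the OS CSPRNG
    PENDING[user] = [code, now + CODE_TTL, MAX_ATTEMPTS]
    return code   # handed to the SMS gateway, never returned to the browser


def finish_login(user, submitted, now=None):
    """Step 2, something you have: the code is single-use and expires."""
    now = time.time() if now is None else now
    entry = PENDING.get(user)
    if entry is None:
        return False
    code, expiry, _ = entry
    if now > expiry:
        del PENDING[user]
        return False
    entry[2] -= 1
    if hmac.compare_digest(code.encode(), submitted.encode()):
        del PENDING[user]      # a used code cannot be replayed
        return True
    if entry[2] == 0:
        del PENDING[user]      # guesses exhausted: a new login is required
    return False
```

Neither step alone opens a session: a stolen password yields no code, and an intercepted code is useless once it has been used, has expired, or the guess limit is reached.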

Something you are

While the first two categories are probably the most popular, advances in technology mean that users are also able to use their own bodies to prove who they are. Common examples here include fingerprint scanning, facial recognition and even retina scans. Although the technology is expensive, it can be extremely accurate.

Data has never been of greater importance and the reliance people are placing on internet accounts grows year on year. It makes sense, therefore, to avoid our dependence on individual passwords. The fact that tech giants such as Microsoft and Google are now moving towards two-factor authentication only confirms that it is a highly effective solution we will be seeing a lot more of in the future.