Multi-factor authentication works by adding layers of security to confirm your personal identity. The first layer is the most common, and the most susceptible to attack. The password/login formula is a good example of the first layer, this is also known as one-factor authentication because it asks you one thing about yourself, something you know. When a second layer of security is added, this is called two-factor authentication. This second factor will ask you for additional personal information, something you have, like a cell phone.
Utilizing the phone for two-factor authentication only makes sense because the mobile phone is so prevalent. Upon logging into your account as you would normally, your phone will be sent a Time-Based One-Time Password (TOTP), this will be used to complete the login process.
When you see multi-factor authentication in use, it looks like a slick technology out of a spy movie, but we are actually seeing multi-factor authentication being made available for our everyday internet browsing. Google has incorporated two-factor identification for Gmail and their other online applications, and Facebook has been offering two-factor authentication since 2011.
Microsoft made a giant leap in two-factor identification availability by acquiring PhoneFactor in October 2012. The features of PhoneFactor go beyond texting your phone a TOTP, they have additional enhancements that make two-factor authentication more convenient and more secure. Phonefactor uses applications for smartphones, but they are also compatible with the old school touch-tone phones. When you go to log in, PhoneFactor will give you a call, and prompt you to press the pound key, simply press the button and you are in! This feature is attractive for businesses that like the security of two-factor authentication, but may not feel comfortable using an employee’s personal device to access company accounts. PhoneFactor can also protect your account by monitoring all login attempts. If a hacker pokes around in your login screen, PhoneFactor will call you and your IT department and notify everybody of an intruder alert.
In a PhoneFactor survey, 80% of respondents do not use two-factor security. This makes the online world a virtual playground for hackers who know how to bypass the password/login defense. We at CR-T can help, give us a call at 801-222-0930 and we will be happy to add two-factor authentication to your online accounts.