Our dependence on technology has never been higher, especially during the pandemic. Due to much of the economy being shut for several weeks, people had to do their regular errands online such as shopping, banking, and general communication. These services all require you to generate an account meaning that you could have several accounts for different online services. At minimum it is recommended to use different and complex passwords across these accounts to prevent someone from being able to access all of your accounts with a single, easy-to-guess password. SMS two-factor authentication has quickly become the target of hackers attempting to intercept the authentication using a method called SIM swapping.
The password as we know it is dead. Two-factor authentication adds an extra layer of security to your online accounts such as Facebook, PayPal, banking, and email. This is done by externally verifying that it’s actually you signing in. The idea of authentication prevents anyone but you from logging into your accounts, even if they have your password.
Traditionally, two-factor verification came via SMS with a code you would enter onto the website. However, a disturbing trend known as ‘SIM swapping’ or ‘SIM jacking’ has made two-factor authentication via SMS extremely unsafe.
There are other alternatives to authenticating via SMS such as Microsoft Authenticator and Duo Security. These authentication apps don’t rely on your phone carrier to authenticate as you receive a push prompt to verify from the app itself. Authentication apps are typically faster and also more secure as the prompts expire after 30-60 seconds.
At first, the concept of authentication via SMS seemed logical to adding an extra layer of security to computers and online accounts however as SIM swapping continues to threaten the credibility of two-factor authentication we must adopt authentication apps as they are the safest alternative.
Duo Security is a cloud-based two & multi-factor authentication provider. This application uses internet connectivity to deliver login approval requests, this is a more secure method than receiving authentication via SMS. Duo Security actively involves the user in the process of remaining secure by encouraging the user question when prompted to authenticate “did I initiate this or is someone trying to access my account?”. Read more about Duo Security here.
Zero trust requires a stringent identity verification for every user and every device attempting to access resources on a private network, regardless whether they are situated within or outside the network.
The general philosophy behind a zero trust security network assumes there are threats within and outside the network. Therefore, no users or devices are automatically trusted under the zero trust network.
Another aspect of the zero trust philosophy is least-privilege access. Essentially, this means users are only given as much access as required by the network administrator. This minimises each user’s access to sensitive information.
To speak about cyber security and business two-factor authentication today, call us on 1300 300 293.
Key Takeaways: Implementing strategic IT upgrades can significantly enhance business operations without requiring substantial investment.…
Key Takeaways: Cloud computing offers unparalleled efficiency, allowing businesses to optimise resources. It provides scalability,…
In the ever-evolving landscape of remote work, 2024 has seen remarkable advancements in technology tools…
Data Privacy Day serves as a crucial reminder of the importance of protecting personal and…
In the evolving landscape of Australian business technology, cloud platforms have emerged as a vital…
In the ever-evolving world of technology, 2024 marks a significant year for Managed IT Services.…