Cyber Tip of the Week: Dual-Factor Authentication (DFA)

By Drew M. Smith

Dual-factor authentication (DFA) is increasingly becoming the normal standard in providing security for email and other systems. The idea is that if you have an additional layer of security on top of the standard passwords, it would be much harder to hack into your system because they would need both access points to get in.

To safeguard their information, most people use one of three different methods. The most popular method is a simple password that can be hacked. A second way is to establish another device as a back-up. When you sign in from a new IP address that has not been authenticated, you will be required to enter an additional code that has been sent to a secondary device. Without the additional code you would be unable to access the device. The last method is an option being used on many phones. A fingerprint is different for everyone and thus would be an excellent way to protect your information. The catch is, your fingerprints could potentially be lifted.1

DFA is a step beyond that. Instead of using one of the methods, it uses two. So if you sign in with a password, you can set up your server to send a code to a trusted phone or computer. Only if you provide the code sent to your designated device, will entrance be accepted. In addition, if you feel your device is compromised, you can set up a back-up device with someone you trust or a third party. Using that method, if you get a code sent to your device that wasn’t a result of signing in, you can catch someone trying to hack in and prevent the damage before it starts.

Many companies offer this service. The most public are the primary email providers such as Google and Yahoo as they have the largest amounts of subscribers. In the wake of the Yahoo data breach, where 500 million accounts were compromised, the email provider asked their customers to change everything. This included putting in things like security questions and ways to active a DFA process. The damages from a hack like this could be devastating if the wrong person got the contents of such emails.2

Every day, companies are looking to prevent or mitigate any breaches to their system. Having multiple ways to secure your information is important in this. Consult with your cyber officer about the options in setting up DFA’s. Be sure to set it up with a device or person you trust. Taking the time to set it up will save a lot of headaches in the future.


1http://www.pcmag.com/article2/0,2817,2456400,00.asp
2http://thehackernews.com/2017/03/yahoo-data-breach-hack.html

Leave a Reply

Your email address will not be published. Required fields are marked *