Why Two-Factor Authentication Might Replace Passwords Sooner Than You Think

TSP • @myTSPnet


As technology becomes more advanced, so do the hackers and viruses that attempt to invade our privacy and online accounts. Everyone, including well-known leaders and tech innovators, can be vulnerable to cyberattacks.

In fact, since 2016, a group of hackers known as OurMine has notoriously hacked social media and website accounts of distinguished individuals, including Google CEO Sundar Pichai, Facebook CEO Mark Zuckerberg and his sister Randi Zuckerberg, Spotify founder Daniel Ek, Amazon CTO Werner Vogels, actor Channing Tatum, Buzzfeed, various NFL teams and more. In another instance, a 17-year-old-boy hacked into the Twitter accounts of Amazon CEO Jeff Bezos, former U.S. President Barack Obama and rapper Kayne West in an elaborate scheme involving Bitcoin.

So how do we protect ourselves from potential technological security breaches? Replacing generic password security with two-factor authentication into our login credentials is a good place to start. 

Single-factor authentication is the most basic form of authentication — an account simply requires one credential for an individual to confirm their identity and access their account, the most common being a password. Two-factor authentication (2FA) requires users to input two different types of information in order to verify their identities and access an online account or system.

Traditionally, many login systems have solely required a password for entry, thus merely incorporating single-factor authentication. Therefore, if a password is compromised, the entire account is compromised. To help minimize the threat of cyberattacks, many companies and individuals are turning toward two-factor authentication methods to ensure platforms and systems are protected. 

PCMag’s lead security analyst Neil J. Rubenking identified three general types of authentication — something you know, something you have and something you are. Something you know may include a password, pattern or security question. Something you have can include a cell phone, fob, key or anything that belongs to you. Finally, something you are might include a fingerprint or voice command. Two-factor authentication indicates a platform is using two of these three methods. For example, your social media account may require you to answer a phone call in addition to inputting your password, combining something you know with something you have.

Many tech and social media platforms including, Apple, Amazon, Dropbox, Facebook, Google, Instagram, Twitter and others have already implemented easy-to-use two-factor authentication options into their software. Additionally, various businesses, groups, schools and programs are integrating multi-factor authentication solutions into accounts to ensure security and further protection. For instance, Authy 2FA, Duo Multi-Factor Authentication, ESET Secure Authentication, Idaptive MFA and more.

Although passwords have been a popular authentication method for years, their susceptibility to attacks can no longer be overlooked. Verizon’s 2017 Data Breach Investigations Report found that a whopping 81% of hacking-related security breaches stem from stolen and/or weak passwords.

When choosing a password, many users lack creativity, leading to shorter and simplistic passwords that the user may even implement on numerous platforms (Mark Zukerberg was hacked on multiple platforms due to password reuse). These common oversights place account security in a dangerous position.

Even users with strong and complex passwords can be hacked due to phishing, malware and other methods. The implementation of two-factor authentication provides an extra layer of protection by allowing users to verify their identity with an additional method.

Realistically, we may not see the complete elimination of password protection in this lifetime. However, the more we reduce the option of password authentication and implement two-factor authentication including something you have and something you are methods, the safer and easier our accounts will be to access.

Consider the myriad of passwords you have to account for — social media, email, utility and bank accounts, phones, laptops, work software and programs, the list is almost never-ending. What if we could use a combination of cell phones, fobs, keys, fingerprints or voice commands to access these accounts instead? Think about how much easier and safer that would be.

Overall, there is no perfect safeguard against the threats that hackers pose. However, passwords can easily be compromised, and it is imperative that we introduce an extra layer of security into our authentication systems. Moral of the story — learn from Mark Zuckerberg’s mistakes, and implement two-factor authentication.