When is the last time your organisation updated its password policy or sent out guidance to employees around creating safe and secure passwords? It’s been a year since we last updated our guidance on creating safe and secure passwords, so we thought it’s about time for our 2020 edition of “how to keep your accounts secure”. Specifcally, we’ll be looking at current best practice for creating passwords & passphrases and how to leverage multi-factor authentication.
Two Factor Authentication, 2-Factor Authentication or 2FA is a method of accessing a computer or online account in which the user is granted access only after successfully providing two separate pieces of evidence to an authentication mechanism. This is usually done in the form of a factor that requires memorisation combined with a factor that typically requires physical possession by the user.
One of the most common examples of 2-Factor Authentication is withdrawing money from an ATM, as only the correct combination of a bank card (something you physically possess) and PIN (something only you know) will allow access to the account. Another common example is adding mobile authentication to an online account. For example, you set up 2FA on sites like Facebook that require you to sign in with your password in addition to a PIN that is sent to your mobile phone.
Combining multiple factors, especially those that require physical possession of something by the user, makes it much more difficult for hackers to gain access to an account.