After years of lectures from security experts, businesses have finally begun to accept that a password alone isn’t enough to secure a corporate computing account. Enter two-factor authentication (2FA). It strengthens security by using an additional login method, such as fingerprint scans or facial recognition.
Two-factor authentication is becoming increasingly important as passwords fall victim to phishing attacks or are simply forgotten by users as the ever-growing number of personal passwords we require compete for our brain space.
Fingerprint recognition is a common second identification factor, but security researchers have proven on many occasions that fingerprint readers are subject to hacking.
That’s led security vendors to search for more secure ways to recognize users. More sophisticated biometric technology such as face recognition, voice recognition and retina scanning are coming to the fore as businesses seek 2FA that is more difficult to hack and possible to install on workstations without a spy-agency budget.
Facial recognition is quickly gaining pace due to is wide availability through easily-attainable software that can be teamed with existing webcams that are now standard to most modern desktops and laptops. It also offers speedy log-in and requires little action on the part of the user, and is being built into a growing number of mobile devices.
Voice recognition has also been used successfully for two-factor authentication, and the cost of accurate voice recognition is coming down rapidly. Retina scans, on the other hand, while exceptionally accurate require expensive third-party equipment in order to function.
If you think biometric scanning is still better off in sci-fi films than in your office, you may prefer a hardware solution. Single-use tokens and hardware keys can also be used for 2FA, however this requires your staff to carry a piece of hardware and may be more vulnerable to hacking than biometric techniques. Hardware keys can also be lost or stolen, and disgruntled employees may be resistant to returning them following a termination.
On the plus side, as many hardware keys are physically inserted into USB slots, they often don’t require a network connection to function. Unlike one-time pass codes sent via SMS, hardware keys are generally immune to phishing attacks. And your employees don’t have to give up any personal information to use hardware keys and tokens, which will ease any privacy fears that may be circulating your workplace.
When it comes to securing your data, systems and networks, 2FA is certainly a must. Whether you embrace the future with biometric scanning, or opt for a hardware solution, trusting your security to the strength of your employee’s personal password is no longer good enough.