It’s been over five years since we released 2-Factor Authentication for our Mail Protection Service, which reminds us how slow-moving some organizations can be in adapting to existing technologies. Including very important ones!
Recently, Google announced that the hacks to their system were cut by half just by enforcing 2FA. Why did 2FA have to be enforced? Because less than 5% of its users had 2FA activated! And they have had it for many years!
The reality is that many consumers and businesses still don’t do enough to protect their accounts and, consequently, their private data. According to Security.org, 22% of adults in the US have been victims of account takeovers. The research also revealed that 60% of the victims had been using the same password as the compromised account across their accounts, potentially putting their other accounts at risk. Phishing also remains a significant threat. According to CISCO’s 2021 Cybersecurity threat report, 86% of organizations have had at least one person click a phishing link. And 96% of these phishing attacks are delivered by email.
In a time when we're thinking about new ways of protecting users - including going passwordless - and we're under new threats - perhaps the industry needs to think first about making available technologies widespread. Here are the most well-known types of "reinforced authentication for users," how they basically work, and what they can do for you:
Multi-factor Authentication (MFA)
Multi-factor authentication goes beyond just using a username and password to gain account access. MFA involves using two or more verification factors or pieces of evidence to gain access to a resource. Examples of these authentication factors include a personal identification number (PIN), password, a code sent to your smartphone, or biometrics.
Two-Factor Authentication (2FA)
2FA is a form of MFA because it uses two types of verification factors. 2FA works by adding an extra layer of protection to your online accounts, such as an additional login credential like a PIN or security question answer. Another example of 2FA is receiving other login credentials through your device, such as a one-time password (OTP).
Passwordless Authentication
The passwordless authentication method allows users to log into their accounts without entering a password. Examples of passwordless authentication include receiving and accessing a “magic link” via email or using an OTP via SMS. Other alternatives to a password with the passwordless method include a biometric, such as a fingerprint or hardware token code. A hardware token is a small device resembling a USB flash drive containing a single-use code that you can use to access a platform.
Open Authentication (OAuth)
With OAuth, there’s no sharing of password data. Rather, the user uses authorization tokens to verify their identity. It allows you to use a third-party service that serves as an intermediary, such as Facebook or Google, to gain access to another platform. Essentially, you’re allowing an application to interact with another without giving away your password.
At AnubisNetworks, we know how critical it is for service providers and enterprises to provide a true layer of security to the email ecosystem, fully capable of fraud, malware, and spam detection.