When talking about “dual factor authentication” or as it’s also sometimes referred to “two factor authentication”, it sounds pretty techie; Heck, we should probably create some IT acronym in an effort to sound even nerdier. While it may sound like a super technical phrase its actually very simple. When you boil it down it means two forms of authentication, like having two keys to enter a door.
When it comes to the practical world of computing, dual factor usually means when logging into something you have to first enter your password, then you are prompted to enter another form of authentication. This is usually a code generated by your phone or another password that is texted to you from whatever site or application you are trying to log into.
Many of you have already used this technology with your bank. They usually give you a key chain that generates a code for you. In their industry, they commonly refer to that key chain as a token. Thus, when you log into their site, you put in your user name and password and then generate a code from the key chain they provided you.
With dual factor authentication being almost everywhere these days, it seems to be commonly missing from one of the most important places…. your corporate email. In terms of computing and communication, your corporate email has been a staple in your professional life for years. It’s the one thing that hasn’t gone away or been wiped out with some new technology advancement. Given that trusty old corporate email box has essentially been the epicenter of your electronic existence, it’s most likely tied to your bank account and probably just about every other online account you have. That makes it the perfect target for hackers, bots and viruses.
All of the major online cloud players such as Office 365 and Google’s Gmail have it available for use at no extra charge. You may be saying to yourself, “I am no target, who cares about my email?!” but what you need to understand is that in many cases these are automated attacks or ones you can easily stumble on. The online wrong doers are growing increasingly cunning by making a pop or web address that looks like your own. From there all you have to do is think you are logging into your email and poof you just gave your email and password away. From there they can log in, watch your email, watch any financial transactions and dig from there. And unfortunately we have seen this happen.
If you’re anything like me, you are rolling your eyes right now and are thinking “Great! Yet another password.” Typically with dual factor authentication, there are two main types: The first requires you to enter the second/dual “code” every single time. The second, more commonly used one, only requires you to use a code when you log on from a new device the first time. The second case is much moreconvenient and still provides you with outstanding security.
If you are running Office 365 or Google’s Gmail (GSuite) we strongly recommend reaching out to your managed service provider to schedule an implementation.