Put simply, two factor authentication is a requirement to prove who you are twice before being allowed access.

The most common use of two factor authentication is with your bank, because you have two factors:

  1. Your bank – debit – credit card is something you HAVE
  2. Your PIN number is something you KNOW


In corporate online banking in Canada and the United States and in personal online banking in most of Europe, it used to be quite common for banks to issue customers small USB-sized dongles (named “RSA Dongle”, “Security Token”, “Duo Key”, “Titan Dongle”…) that had a tiny screen displaying an apparently random number that changed every 30 seconds.  That little dongle and the bank both used the same algorithm, so the bank would know what the number would be at any given time.  The bank's webpage would prompt for your username and password (something you KNOW) and the code on that dongle (something you HAVE).

It is now quite common for banks to issue their corporate customers (and some consumers) a USB stick that simply contains a unique number or the smartcard chip that would also be on the user's physical bank – debit – credit card.  When customers try to sign into the bank's website, it requires that USB stick to be plugged in (something you HAVE) and the customer's username and password (something you KNOW).


Two factor authentication is not a perfect way to stop hackers. For instance:

  1. It is surprisingly quite possible for hackers to gain access to the global telecom texting system and intercept verification texts sent to your cell
  2. Social engineering has been used to trick people into giving hackers their second factor (i.e. calling a person claiming to be the bank and requesting the code on their RSA dongle, or the verification code they just received by text)
  3. Physical dongles can be stolen or temporarily accessed by a spouse, cleaning staff, co-worker… especially if they are left sitting on a desk


There are some better ways to provide that second factor, like biometrics.  For instance, it is not uncommon to require a user to swipe their fingerprint or look at their camera so their eye’s iris can be scanned.  Today we see custom bands and popular fitness trackers (like the AmazFit Band 5, Apple Watch, FitBit or Samsung Fit2) monitoring your unique heartbeat patterns for use as a second factor.  Your heartbeat could be part of your password future.

 

