For many individuals, the first and most likely last line of defense against unauthorized access of their various email and online accounts is Two Factor Authentication (TFA). Also referred to as 2-step verification, this is an authentication mechanism meant to bolster a password system by requiring not just the password, but also something that only the user has access to.
For example, a system with 2-factor authentication may refuse access even if a password is correctly keyed in, until the user has keyed in another set of codes sent to another email or a mobile device. Some go further and actually require randomized keys provided by a USB dongle or mobile app.
The main purpose of TFA is to prevent unauthorized access even if a hacker has gained access to a person’s username and password, by keeping half of the login process tied to something only the actual user knows or has access to. So far the system has worked well and is now widely adopted. But as with any security system, it is by no means perfect—there are advantages and disadvantages that people must consider.
Disadvantages of Two Factor Authentication
- TFA Makes People Complacent – the fact that two factor authentication improves security can also sometimes lead to its downfall. People who use it may get complacent and could lead to successful breaches not being discovered until it is too late. Despite the extra layer of security, two factor authentication is still subject to common threats. Devices used for 2FA can still be stolen or used without being known by the owner, and 2FA that use authentication tokens are still subject to the security of the issuer or manufacturer. If the dongle or token has a security flaw, the 2FA can be rendered useless.
- TFA Attracts More Sophisticated Attempts – this is by no means a fault of TFA, but an irony inherent in cyber security. Two factor authentication attracts the most skilled hackers because of the many high value applications that use it. Think of it as having a big target painted on your account’s back.
- Careless People Can Lock Themselves Out of Their Accounts – since security is tightly wound around having another layer of security, such as another device or an extra email account, individuals who are careless may accidentally lock themselves out of their own accounts by losing their phones or the email address used for two factor authentication.
Advantages of Two Factor Authentication
- Helps Fill In Security Gaps – Two factor authentication helps solve problems usually caused by lapses in security practices, such as weak passwords or using the same password for different accounts. Provided that the user doesn’t commit the completely avoidable mistakes outlined earlier in this article, a two factor authentication keeps your accounts secure and airtight. Even having your password compromised won’t let your data fall into the wrong hands if you have two factor authentication enabled.
- Reduces Data Theft – this works so much like herd immunity, which is a principle used to describe how people who get vaccinated help lessen the risk for people who aren’t. The more people that enable two factor authentication, the less number of accounts that can be exploited and breached, thus reducing the vector of attack for hackers.
- Reduces Operational Costs – two factor authentication actually helps companies save on operational costs. Even discounting all the savings from costly data breaches and hacks, having two factor authentication allows organizations to relax their security a little bit and let employees access their accounts even when outside of the office.
While not perfect by any means, two factor authentication is currently the best security upgrade that individuals and companies can have. It does have disadvantages, but most of them are inherent in any additional layer of security. As long as people practice common sense and are not careless to the point of ineptitude, a good 2FA can easily keep any system secure.