• Skip to main content
  • Skip to primary sidebar
  • Home
TechTidBit – Tips and advice for small business computing – Tech Experts™ – Monroe Michigan

TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Convenience And Security: The New Face Of Two-Factor Authentication

July 31, 2014

Michael Menor is Vice President of Support Services for Tech Experts.

Security may be part of an IT professional’s daily world, but these days consumers are just as concerned about protecting their privacy online. It’s no surprise that many businesses are trying to boost their brand image and differentiate themselves from their competitors by promising superior security.

Yet there’s one security action that many of them could take and don’t: two-factor authentication. We all know that online authentication issues can cost both businesses and consumers a high price through cyber-attacks, online fraud and identity theft.

Two-factor authentication has always been a strong solution in mitigating these attacks. By offering secure login, it protects company reputations and provides consumers with an added layer of security during online purchases, personal banking and other digital transactions.

So why aren’t more organizations implementing it? In a word: inconvenience. Businesses are afraid of annoying their buyers by demanding multiple passwords or asking them to take an extra action that might spur them into abandoning the sale.

In a landscape where catering to customer wishes is a common business mantra, risking customer irritation seems dangerous. After all, this is the digital age where consumers expect everything to go faster and smoother and easier online, whether they’re checking email, watching a video or doing their holiday shopping.

Of course, it’s also the age of digital crime. Two-factor authentication might seem user unfriendly at the outset, but ultimately it’s in the consumer’s best interest.

Still many organizations, including those with sensitive information to protect, hesitate to use it. I ran into this recently during a security discussion with a financial institution.

When one of its top executives and I discussed ways to protec their customers online, I asked if the company used two-factor authentication. The executive shook his head and told me the business didn’t want to inflict that “inconvenience” on their customers.

It’s a classic quandary that many organizations find themselves in: they want to offer their customers the utmost in digital security, but worry that if they make that security too complicated or inconvenient, they won’t have customers to protect.

Caught between the Scylla of risk and the Charybdis of inconvenience, these organizations have mostly chosen to forgo two-factor authentication and accept the risk on behalf of their customers.

Luckily there are some new innovations that are solving this very issue, including a unified two-factor authentication protocol in the works, and technologies that manage to sidestep the inconvenience issue.

Next Gen Authentication
It’s worth noting that two-factor authentication is required by the Payment Card Industry Data Security Standard (PCI DSS) for secure remote connectivity.

This is understandable, when you consider the rising number of website and retailer breaches where the hackers obtain buyer addresses, credit card numbers and other highly sensitive information.c473479_m

But two-factor authentication isn’t just for eCommerce and financial institutions. As the digital health movement surges in popularity, it can be an excellent safeguard for patient Web-based apps as well.

In fact, two-factor authentication looks more and more like a smart security measure for pretty much any process that requires user authentication.

There may be plenty of password-cracking tools on the market, but in theory, even a successful crack won’t get a hacker into an account – not with the second form of authentication stopping him. This is why two-factor authentication continues to be an ongoing quest for many innovative companies out there.

Take OAuth, a popular protocol that provides a reference architecture for universal strong authentication across all users and devices over all networks. There are also cloud-based tools that seamlessly integrate into existing application login workflows using a robust API that works with smartphones and multiple platforms.

Not all two-factor authentication tools are perfect, of course. SMS-based techniques such as texting to reset passwords are compromised on a regular basis, either through malware on the phone or other vectors.

Ultimately hardware is the safest way to go, as seen in several clever two-factor solutions. For instance with some tools, users log in with their usernames and passwords, then activate their second factor by pressing a button on a USB device, which quickly enters a one-time password that is usually only good for a matter of seconds.

Each previous password is invalidated, so that even if a hacker records it, it’s worthless for all future access. Some of the hardware is engineered to work with NFC-enabled smart phones, allowing mobile security without the risk of traditional SMS two-factor authentication.

From cumbersome to convenient
It should be obvious by now that the face of two-factor authentication has changed. The days of burdensome multiple login steps and passwords are over. New two-factor technologies offer speed and convenience to users; brands can assure customer safety during online payments and activities without requesting additional action.

In short, it’s the kind of layered security demanded in these attack-prone times. Let’s hope organizations will look beyond the more primitive two-factor offerings of the past, and embrace new technologies that can provide customers with the protection they deserve.

(Image Source: iCLIPART)

Filed Under: Security Tagged With: Security, two-factor authentication

Primary Sidebar

Browse past issues

  • 2025 Issues
  • 2024 Issues
  • 2023 issues
  • 2022 Issues
  • 2021 Issues
  • 2020 Issues
  • 2019 Issues
  • 2018 Issues
  • 2017 Issues
  • 2016 Issues
  • 2015 Issues
  • 2014 Issues
  • 2013 Issues
  • 2012 Issues
  • 2011 Issues
  • 2010 Issues
  • 2009 Issues
  • 2008 Issues
  • 2007 Issues
  • 2006 Issues

More to See

Five Reasons To Be Wary Of AI

May 19, 2025

Don’t Trust The Cloud Alone: Backup Your Cloud Data

May 19, 2025

Seven New And Tricky Types Of Malware To Watch Out For

May 19, 2025

Are You Leaving Your Office Door Open?

April 14, 2025

Tags

Antivirus backups Cloud Computing Cloud Storage COVID-19 cyberattacks cybersecurity Data Management Disaster Planning Disaster Recovery E-Mail Facebook Firewalls Hard Drives Internet Laptops Maintenance Malware Managed Services Marketing Microsoft Network online security Passwords password security Phishing planning Productivity Ransomware remote work Security Servers smart phones Social Media Tech Tips Upgrading Viruses VOIP vulnerabilities Websites Windows Windows 7 Windows 10 Windows Updates work from home

Copyright © 2025 Tech Experts™ · Tech Experts™ is a registered trademark of Tech Support Inc.