


Turning on 2FA for a service changes the security requirements, forcing you to provide at least two proofs of identity when accessing a secure service for the first time on an unknown device. How does 2FA work? Isn't it inconvenient? In this article, I answer some of the most common questions people ask me about 2FA. A separate 2019 report from Google offered similar conclusions. If a service provider supports multi-factor authentication, Microsoft recommends using it, even if it's as simple as SMS-based one-time passwords. (Some services, being sticklers for detail, call it multi-factor authentication or two-step verification, but 2FA is the most widely used term, so that's the nomenclature I've chosen to use here.) A 2019 report from Microsoft concluded that 2FA works, blocking 99.9% of automated attacks. The solution is two-factor authentication, or 2FA. Social engineering can convince even intelligent people to enter their credentials on a phishing site or give them up over the phone.


It's the only way to maintain unique, hard-to-guess credentials for every secure site you and your team access daily. And even with reasonable policies in place (complexity, changed regularly, not reused), people are still the weakest link in the security chain.
