Why you should be using Two-Factor Authentication (2FA) for everything

In this digital age we live in, it seems that there is no end to the attacks that hackers are coming up with and using to target businesses and innocent people.  The malicious attacks and data breaches continue to be more sophisticated and elaborate than ever before and cybercrime shows no signs of slowing down!  Thankfully, there is action that businesses can take to protect themselves and add an additional level of security to protect their online accounts and systems and this is where Two-Factor Authentication (2FA) comes in.  

 What is 2FA? 

 2FA is a second layer of security to protect an account or system.  When you log on to an account or system, you will need to go through two layers of security before being granted access. This might be in the form of code generated via an app or sent as a text message.  

 Why should I use 2FA? 

In general, people tend to use passwords that are very easy to remember or use the same password for multiple accounts.   If a security question is requested during an account set up, usually this is also information that can easily be found out through all your interactions on social networks and other activities online.  This makes life very easy for hackers and leaves your accounts and systems very exposed to cyber-attacks.   Cyber attackers can also use software on their systems to try and crack your password.  The weaker the password, the easier it is for them to crack it.  

The first important thing to do is to use stronger passwords and this is where a password manager is very useful.  2FA then provides you with an extra layer of protection.  It might be easy for cyber criminals to try and guess your password, but it will be very hard for them to guess the second authentication factor as the code changes every 30 seconds.  This drastically reduces the chances of you being hacked.  In an article written by Microsoft, they report that users who enable 2FA for their accounts will end up blocking 99.9% of automated attacks.  

 How to get 2FA working 

There are a few different 2FA methods that can be used, it might be a code issued by your bank when you are using internet banking or a one-time password (OTP) which is sent to your mobile phone.  Authentication apps are a more secure option to use than text message codes as it is easier for a hacker to gain access to text messages than it is for them to gain physical access to your phone and generate a code without you knowing it.  

 Ilkley IT recommend using the Microsoft authenticator app for your Microsoft accounts and Authy for all your other accounts.  One of the advantages of using Authy is that you can use the app on your phone and your other devices such as desktops or laptops. 

 Which sites allow 2FA 

More and more sites are adding the additional level of protection and supporting 2FA when you log on to your accounts on their sites.  You can check which websites offer 2FA by visiting this site https://twofactorauth.org/. 

You can see if 2FA is enabled on your Office 365 account by logging in here: https://aka.ms/mfasetup. If it’s enabled you will be given options to setup 2FA.  

Don’t wait until you have been a victim of a hack or data breach, to introduce 2FA into your businesstake action today.  The team at Ilkley IT can help and can talk you through the steps to enable 2FA on all your Microsoft 365 accounts.  Contact us today to get this essential second layer of security setup, you will be so relieved you did