Two-factor authentication or 2FA is virtually painless and greatly mitigates the risk of compromised personal and enterprise data.
People don’t like to be told “take your medicine” much less read about it. However, an ounce of prevention goes a long way. Whether you wish to add a layer of security beyond the common password to your personal or corporate email account, or whether you are a FinTech vendor looking to further secure your platform, consider implementing two-factor authentication to the user login process.
Two factor authentication greatly reduces the risk of data breaches where bad guys seek to capture personally identifiable information (“PII”) data. Email services, brokerage accounts, trading platforms and CRM systems are examples of products and services that store PII data.
Two factor authentication (which isn’t a silver bullet against hackers), is the process by which an additional security layer is added to the login process. This may take the form of a physical key or a temporary password delivered to your device.
I’ve implemented the latter across my personal and corporate email accounts. During the login process, a one-time passcode is sent to me via SMS mobile messaging after I’ve entered my account user ID and password. The passcode is temporary and becomes invalid once I have input it and the application becomes active. I foresee a time when many enterprise applications will make 2FA mandatory.