What Is Two-Factor Authorization?

What Exactly Is Two-Factor Authorization?

What Is Two-Factor Authorization?

Two-factor authorization. Most of us think we know what it is, but a recent news event brought something alarming to my attention: even huge companies misunderstand what two-factor authorization means, and your personal information could end up at risk because of this.

Let’s start with this recent report: United Airlines changed its security protocols.

Originally, the account holder only needed a username and password. Years ago, that was enough. But, in today’s world, simply displaying a username and password is not sufficient for keeping you protected.

Changes have been made to the security structure of United Airlines’ accounts. Instead of just typing in your password and username, they have now integrated two additional security questions for you to answer. Sounds great, right? Well, maybe not so much.

Answering two security questions, in addition to your password and username, is nothing new. Many people do this on a daily basis. A couple examples of these security questions include: “What elementary school did you attend?” and “What was the name of your first pet?”. While these do offer another layer of security, some are up in arms over how small the security blanket really is with these types of questions. Not only that, but United Airlines is claiming these additional security questions are a form of “two-factor authorization.” In reality, they aren’t even close.

What Is Two-factor Authorization?

Two-factor authorization is a much more stable and secure form of protection for people. At the heart of two-factor authorization is the mantra Jon Evans puts forth on TechCrunch (post cited above): “Something you know, something you have.” A third factor (“something you are”) may also be used in conjunction with the first two. “Something you know” is anything from a PIN to a password or even a pattern of some kind. Most people are used to putting in a PIN when they use their credit or debit card to buy gas, for example.

The second factor is “something you have.” This is a physical factor. Most of the time, the physical factor takes the form of a card. Sticking with the gas example, swiping your card at the reader acts as the physical factor. In other instances, you may be given a physical token for one-time use. Either way, a physical factor is in play.

Something you are” is bit more advanced. If you’ve ever used a fingerprint scanner to get into work (along with a card), you’ve experienced two-factor authorization. Along with your fingerprints, your voice is also a form of “something you are.” Both forms are becoming ever more present in the digital world and are key to keeping you safe.

Now you know what two-factor authorization is. But how does it help you? And why is it important? Let’s take a look at the pros and cons of the two security questions and two-factor authorization.

The Difference

A pro for the basic security questions is that it does offer an extra layer of protection to your account. However, that’s really where the pros end. And that’s not good.

A pro of the two-factor authorization method is simple: physicality. Hackers have an extremely difficult time breaking into an account that’s using two-factor authorization. Why? Because they actually need either your physical card (token) or a recording of your voice or a copy of your fingerprint. Essentially, the hacker needs to meet you, physically, and steal your belongings, to hack into your account.

Looking at the cons, the two-factor authorization method really doesn’t have any. However, the cons for the basic security questions are obvious. Not only can hackers successfully hack your account over the computer using these security questions, but the questions themselves pose a problem.

People tend to choose the first two questions to answer. They rarely look at the list and pick two meaningful questions. Thus, hackers have a much easier chance of guessing your answers.

It’s All Up to You Now

In the world of cyber security, two-factor authorization is the way to go. With a physical component attached to it, this method is a much safer choice for your business. If you have any accounts that do not use two-factor authorization, make sure you answer security questions that appear further down the list. According to a senior writer at CNET, the best way to create a safe and secure password is to pick four random words. This will give you a leg up on the criminals.

With the advent of two-factor authorization, hacking should be more difficult. Only time will tell.

By Kayla Matthews

Kayla Matthews

Kayla Matthews is a technology writer dedicated to exploring issues related to the Cloud, Cybersecurity, IoT and the use of tech in daily life.

Her work can be seen on such sites as The Huffington Post, MakeUseOf, and VMBlog. You can read more from Kayla on her personal website, Productivity Bytes.

View Website
Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

EDINBURGH, Scotland, Nov. 21, 2017 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released the CSA Code of Conduct for ...
Journey Science In Telecom: Take Customer Experience To The Next Level

Journey Science In Telecom: Take Customer Experience To The Next Level

Journey Science In Telecom Journey Science, being derived from connected data from different customer activities, has become pivotal for the telecommunications industry, providing the means to drastically improve the customer experience and retention. It has ...
How to Improve the Backup Success Rate of Data Centers?

How to Improve the Backup Success Rate of Data Centers?

Improve Backup Success Rate According to industry analysts, a significant number of backup jobs (from 5 to 25%) are failing across various tiers of data centers. This impacts datacenters heavily on revenue loss, SLA-based penalties, ...
Death of Traditional Enterprise Storage

Death of Traditional Enterprise Storage

Traditional Enterprise Storage Back in 2003, Chris Pinkham and Benjamin Black, two engineers working for Amazon.com, proposed a dramatic overhaul of the company's computing infrastructure. In a paper written for CEO Jeff Bezos, the pair ...
CloudTweaks Q&A: How Smart Will Your City Be by 2025?

CloudTweaks Q&A: How Smart Will Your City Be by 2025?

How Smart Will Your City Be by 2025? What role does back end infrastructure play in connecting IoT devices? Probably the same infrastructure as we would want to see with an efficient regular (i.e. non-IoT) ...

CLOUDBUZZ NEWS

Facebook Joins FIDO Alliance Board of Directors

Facebook Joins FIDO Alliance Board of Directors

Aligns with other leading global technology, financial services and e-commerce companies in effort to reduce world’s reliance on passwords MOUNTAIN VIEW, Calif., May 15, 2018 (GLOBE NEWSWIRE) -- The FIDO Alliance announced today that Facebook has been appointed ...
Worldwide Services Revenue Posts Steady Year-Over-Year Growth in the Second Half of 2017, According to IDC

Worldwide Services Revenue Posts Steady Year-Over-Year Growth in the Second Half of 2017, According to IDC

FRAMINGHAM, Mass. May 15, 2018 – Worldwide revenues for IT Services and Business Services totaled $502 billion in the second half of 2017 (2H17), an increase of 3.6% year over year (in constant currency), according to ...
Oracle Blockchain Cloud Service and Financial Services Enable Next-Gen Blockchain Innovators

Oracle Blockchain Cloud Service and Financial Services Enable Next-Gen Blockchain Innovators

Students Tackle Real Problems and Succeed in Blockchain Challenge In an effort to accelerate blockchain innovation in Financial Services and other industries, Oracle recently joined academia and banking industry leaders as part of the Carolina Fintech ...
The Lighter Side of the Cloud - Procurement
The Lighter Side Of The Cloud - Really Smart Machines
CloudTweaks Comic
The Lighter Of The Cloud - Virtual Lunch Break
The Lighter Side Of The Cloud - Big Broadband
The Lighter Side Of The Cloud - Checking It Twice
The Lighter Side Of The Cloud - iPatch
The Lighter Side Of The Cloud - Wearable Infection
The Lighter Side Of The Cloud - The Autobiography