Why Accept the Hype? Time to Transform How We Approach Emerging Technology

Why Accept the Hype? Time to Transform How We Approach Emerging Technology

Time to Transform How We Approach Emerging Technology It’s like a rite of passage – a new technology pops onto the scene and the “pundits,” analysts and venture capitalists (among others) immediately start to over-hype the technology: It’ll stop world hunger It’ll cure cancer It’ll
That’s It? After All the Hype and Fear About A.I.? Turns Out They Can’t Do the Hard Stuff

That’s It? After All the Hype and Fear About A.I.? Turns Out They Can’t Do the Hard Stuff

Well, guess we should have known better. A.I. can play Jeopardy, Chess and Go but it seems their capabilities have topped out. Let’s talk about a new A.I. “winter”. A.I. was going to take your job – guess again. A.I. was going to bring a
What Is Two-Factor Authorization?

What Exactly Is Two-Factor Authorization?

What Is Two-Factor Authorization?

Two-factor authorization. Most of us think we know what it is, but a recent news event brought something alarming to my attention: even huge companies misunderstand what two-factor authorization means, and your personal information could end up at risk because of this.

Let’s start with this recent report: United Airlines changed its security protocols.

Originally, the account holder only needed a username and password. Years ago, that was enough. But, in today’s world, simply displaying a username and password is not sufficient for keeping you protected.

Changes have been made to the security structure of United Airlines’ accounts. Instead of just typing in your password and username, they have now integrated two additional security questions for you to answer. Sounds great, right? Well, maybe not so much.

Answering two security questions, in addition to your password and username, is nothing new. Many people do this on a daily basis. A couple examples of these security questions include: “What elementary school did you attend?” and “What was the name of your first pet?”. While these do offer another layer of security, some are up in arms over how small the security blanket really is with these types of questions. Not only that, but United Airlines is claiming these additional security questions are a form of “two-factor authorization.” In reality, they aren’t even close.

What Is Two-factor Authorization?

Two-factor authorization is a much more stable and secure form of protection for people. At the heart of two-factor authorization is the mantra Jon Evans puts forth on TechCrunch (post cited above): “Something you know, something you have.” A third factor (“something you are”) may also be used in conjunction with the first two. “Something you know” is anything from a PIN to a password or even a pattern of some kind. Most people are used to putting in a PIN when they use their credit or debit card to buy gas, for example.

The second factor is “something you have.” This is a physical factor. Most of the time, the physical factor takes the form of a card. Sticking with the gas example, swiping your card at the reader acts as the physical factor. In other instances, you may be given a physical token for one-time use. Either way, a physical factor is in play.

Something you are” is bit more advanced. If you’ve ever used a fingerprint scanner to get into work (along with a card), you’ve experienced two-factor authorization. Along with your fingerprints, your voice is also a form of “something you are.” Both forms are becoming ever more present in the digital world and are key to keeping you safe.

Now you know what two-factor authorization is. But how does it help you? And why is it important? Let’s take a look at the pros and cons of the two security questions and two-factor authorization.

The Difference

A pro for the basic security questions is that it does offer an extra layer of protection to your account. However, that’s really where the pros end. And that’s not good.

A pro of the two-factor authorization method is simple: physicality. Hackers have an extremely difficult time breaking into an account that’s using two-factor authorization. Why? Because they actually need either your physical card (token) or a recording of your voice or a copy of your fingerprint. Essentially, the hacker needs to meet you, physically, and steal your belongings, to hack into your account.

Looking at the cons, the two-factor authorization method really doesn’t have any. However, the cons for the basic security questions are obvious. Not only can hackers successfully hack your account over the computer using these security questions, but the questions themselves pose a problem.

People tend to choose the first two questions to answer. They rarely look at the list and pick two meaningful questions. Thus, hackers have a much easier chance of guessing your answers.

It’s All Up to You Now

In the world of cyber security, two-factor authorization is the way to go. With a physical component attached to it, this method is a much safer choice for your business. If you have any accounts that do not use two-factor authorization, make sure you answer security questions that appear further down the list. According to a senior writer at CNET, the best way to create a safe and secure password is to pick four random words. This will give you a leg up on the criminals.

With the advent of two-factor authorization, hacking should be more difficult. Only time will tell.

By Kayla Matthews

Kayla Matthews

Kayla Matthews is a technology writer dedicated to exploring issues related to the Cloud, Cybersecurity, IoT and the use of tech in daily life.

Her work can be seen on such sites as The Huffington Post, MakeUseOf, and VMBlog. You can read more from Kayla on her personal website, Productivity Bytes.

View Website
Infosec thought leaders

Why you should add a connection broker to your suite of DevOps tools

DevOps Connection Broker When staring down the DevOps path, you have no lack of tools to help you pave the ...
Google Cloud Platform: Enabling APIs

Google Cloud Platform: Enabling APIs

Enabling Google APIs The Google Cloud Platform is a comprehensive tool that helps companies manage their IT resources. Completing software ...
Back to the Future: 2018 Big Data and Data Science Prognostications

Back to the Future: 2018 Big Data and Data Science Prognostications

“We should study Science Fiction in order to understand what someday could become Science Fact.” – Dr. Who? Doc Brown? ...
How IoT and OT collaborate to usher in the data-driven factory of the future

How IoT and OT collaborate to usher in the data-driven factory of the future

The Data-driven Factory The next BriefingsDirect Internet of Things (IoT) technology trends interview explores how innovation is impacting modern factories and supply chains ...
Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...

"Top 100 Brand Influencer, Cloud”
-ONALYTICA

"Best Cloud Computing Blog"
-SYSADMIN MAGAZINE

"Top 10 Sites For Cloud Computing"
-DIGITALISTMAG SAP

"Top 10 Cloud Computing Blogs”
-MARKETING ENVY

"Top 25 Must Read Cloud Blogs"
-CLOUDENDURE