The services you use on the Internet every day are at increasing risk of being hacked, which can expose your bank accounts, important business information, or confidential customer data. Cybercriminals can do more than guess passwords: when they manage to penetrate the central systems of companies that provide online services such as email, social networks and online stores, they gain direct access to those companies’ databases and to confidential information about thousands or, as has happened in recent cases, millions of users, including their usernames and passwords. In that situation it doesn’t really matter how easy or complex your password is: it can be as simple as “123456” or 16 characters long, combining letters, numbers and special characters. Today it is clear that a complex password is no longer sufficient protection.
What is 2FA?
2FA, or 2-factor authentication (or 2-step authentication), is a protection method that imposes an additional hurdle for the hacker to overcome when trying to fraudulently access your online accounts. Although we talk about 2 factors, in reality it can be 3 or more. Wikipedia defines 2-factor (or multi-factor) authentication as follows: “Multi-factor authentication (MFA) is a method of computer access control in which a user is granted access to the system only after presenting two or more different proofs that they are who they claim to be. These proofs can be, for example, a password, a rotating secondary key, or a digital certificate installed on the computer, among others.”
They are called “factors” because, in the context of computer security and access control, 3 factors are defined: a secret known to the user (e.g. password or PIN), a physical object carried by the user (e.g. cell phone, token) and a unique biometric characteristic (e.g. fingerprint, iris or voice).
How does 2FA work?
2FA offers an additional layer of security when you log into any online service. It requires not only your username and password but also a verification code that is sent to a trusted device you have previously registered with that service. Typically the trusted device is your cell phone (acting similarly to the tokens commonly offered by financial institutions); however, the code could also be sent to an email address of your choice or delivered via other methods. The difference is that the mobile device is something that only you, theoretically, should physically carry, whereas an email account could also be breached.
What is the benefit of 2FA for medium-sized companies and startups?
Medium-sized companies or startups may not always have the resources, at least initially, to dedicate time to ensure good IT security practices or to develop and regularly communicate usage policies to their users. That is why a simple and effective method for small businesses is to use 2FA in combination with a Password Management application.
This combination will significantly reduce the risk of a cybercriminal being able to penetrate a company’s core systems. It is a good first step if you do not have the budget to invest in a long-term plan for IT security.
What should I do?
We recommend the following 4 steps:
- Identify the important online services that contain sensitive and confidential information you want to protect (banks, social networks, email, cloud file apps, etc.) and follow the instructions to activate 2FA with each one.
- Do some research on applications available on the market for Password Management. You can find basic information on the subject here, then choose and install the selected app in your company. We recommend that you install it for personal and family use as well.
- Register all your online accounts in the Password Manager. The more accounts you register, the better protected you will be.
- Enable 2FA in the Password Manager to protect your master key: remember that this is the key to your password vault.
Don’t forget that it is always important to change your passwords frequently – especially for accounts that contain sensitive information and access to your money – and not to use the same password for different services.
Enrique Valdez
Founding Partner
Our Nextcloud-based enterprise cloud is a cloud-based file, collaboration and project service; it also includes a Password Manager that offers 2-Factor Authentication (2FA).