Password is not enough-Use two factor-authentication!!
Strong Password used to be the best methods of securing our online accounts but not now. Cyber criminals have found the way to crack even complex and strong password with advance high-power processing machines and by brute forcing. To keep our account safe from cyber criminals, multi-factor authentication is required.
- Mallika Srivastav, 8th, D.A.V Public School Jasola Vihar, New Delhi
- Apeksha Maurya, 8th, DAV Public School, Jasola Vihar, New Delhi
- Aryan Mishra, 9th, DAV Public School, Jasola Vihar, New Delhi
- Riya Singh,10th, Navy Children School, Kochi
- Keisha, 7th, Delhi Public School, Pune
Cartoon Contributed by:
- Aaditya Singh, 8th, Navy Children School, Delhi
Using password to stay secure has become a history, we can’t rely only on password. We need stronger protection and authentication mechanism. Password are breakable and guessable. Most of the internet users don’t use strong password, makes cyber criminals’ job easy to break into someone’s account. We need multi-factor authentication. It just means that to login to your account, you need two ways to prove you are who you say you are. It's like the bank or DMV asking for two forms of IDs.
Let’s first know about authentication and how it works.
What is authentication:
Authentication is process of validating the true identify of a person and process so that it can access a restricted information or resource.
For example, we need to provide correct password to login to our computer or email account. In some cases we need to provide more than one information to prove our identity to access the restricted information or resource or service.
Factors on which different types of authentication process is decided
Three factors used in Authentication Process:
- What we know: We need to remember this to authenticate. For example, password or answer to a security question.
- What we have: We need to possess this information. For example, our debit or credit card, Door Access Card, mobile to receive OTP etc.
- What we are: This is built in our body. For example, Fingerprint or retina.
Types of authentication:
- Single-factor authentication: This type of authentication needs any one of the factors such as password or an entry access card or just a fingerprint-based authentication. However, password-based authentication or card/OTP based authentication are the weakest factors since they can be guessed or stolen. But in practice they are the most popular in use.
- Two-factor authentication: The combination of any two factors of authentication is known are Two-factor authentication. Such as a combination of something we know and something we have. For example, to withdraw money from ATM, we need to insert our card (what we have) and provide PIN (What we know). Obviously, even though both the factors in isolation are weak, when they are combined, the authentication process becomes stronger.
- Multiple-factor authentication: It is the combination of something we know, something we have and something we are. Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inheritance. Password + PIN + retina, voice, fingerprints etc. Obviously, this is the strongest authentication process.
Why Single-Factor Authentication is not enough!!
Single Factor Authentication is the most convenient form of authentication and password is the most commonly used method. If it is not kept secret and very strong, it can be easily guessed or cracked using tools. Hackers employ various methods like keylogging, phishing and cracking the password to access the restricted resource.
It is therefore essential that we make the authentication process complex so that it becomes difficult for hackers to access our restricted resources.
- Always enable at least 2-factor authentication in all online account where we share our private data or transact money.
- We must Keep the password quite strong and should not be shared with anyone.
- We should always keep your mobile locked and should not share PIN with any one
- Change your password frequently
- Never keep same password for all accounts