Why two-factor authentication matters

Two-factor authentication is becoming increasingly popular online, and with good reason.

In an age where cyber-criminals will go to great lengths to obtain personal details, simply entering your username and password when prompted can prove a weak defense to hackers’ increasingly sophisticated attacks.


Hackers which manage to uncover users’ login details – either by a phishing attack or by hacking a website’s archive of login details – can quickly put the information to use. And suitably armed, they are able to access users’ email accounts, social media profiles and online shopping preferences in key retailers.

And this is the reason more organizations have made the switch to two-factor authentication.
Even the simplest such system can ensure those who are attempting to log into an account are the legitimate owners of the profile, allowing the site to block any unwanted visitors.


The principle is pretty simple, but also greatly effective. By requiring a user to input a unique code which is sent to a personal device – typically a mobile number or another email address – a website can ensure the user attempting to log in is exactly who they claim to be.

Depending on the website you visit or app you access, two-factor authentication can work in a number of ways. For instance, when you connect an iPhone to a PC, iTunes will automatically send a code to the phone which you will then need to input into the computer to access settings and content.

Other websites will send a code for you to input by text, while others will send you an email asking to click through a separate link to confirm your identity.


Some mobile and tablet apps use fingerprint identification as a second way of confirming you are the right person. For instance, Barclays asks you to log in with a pre-set passcode and then uses the iOS/Android fingerprint recognition software to confirm the user’s identity.

Some banks require their account holders to insert their bank card into a separate card reader to generate a one-time unique number for the user to input during log in, meaning anyone accessing the service must have the user’s log-in details, bank card and card reader to access their accounts.


It is these kinds of additional layers which stack up to ensure their service is truly secure – far more so than simply entering family details, such as the maiden name of the user’s mother.

Two-factor authentication is key to keeping users safe online which is why Penta recently partnered with security giant Duo to offer an extra layer of security to its services.

Founded in 2010 Duo, provides authorisation and access verification services to companies including Facebook, Toyota and Kayak.


With so much confidential data handled online, security is key, so the added benefits these services will bring will add extra piece of mind to Penta’s clients and thus their customers. Duo’s data dashboards allow you to measure and monitor your company’s risk of getting phished from one main control centre.


Get yourself protected

 Protecting yourself after Facebook’s hack attack
 Why Facebook users need two-factor authentication
 UK Business Insider

 UK public sector switching on
 Adding layers to UK bodies’ security systems
 Open Access Government

Related Posts