TechStarters Logo
Blog Home
How to Better Secure the Cloud: Using Two-factor Authentication

How to Better Secure the Cloud: Using Two-factor Authentication

Your sensitive information on your computer, tablet, or mobile device can easily be breached and fall into the wrong hands if you don’t invest in the right security. Two-factor authentication can add an extra layer of security and dramatically reduce your risks of a hostile takeover of all your data. Two-factor security can easily be implemented in your modern cloud services.

Someone out there who is capable of accessing your cloud service, such as email, can sabotage your accounts, or otherwise unleash unnecessary havoc on your accounts. With two-factor authentication (2FA), any attempt made to sign in on an unrecognized device requires you to enter a secret code, sent as either a text message or generated by an authenticator app you can previously register. Multiple authenticator apps are available which follow open standards for generating time-based, one-time passwords.

To properly use 2FA, you’ll need to enable the feature on the service you wish to secure, then associate the account with a device you frequently use. You can do this by adding a phone number, then receiving a one-time password from the service via text message and entering the password at the website to confirm that the device being used is yours and can be trusted.

2FA is highly effective because you are signing onto a device which has not previously been used with the service, therefore you are requested to give additional proof in the form of the access code. So if you’re a thief using phished credentials, you’d be out of luck at this point in the security breach.

Every access code is generated based on shared secrets and the current time. These codes are beneficial since they are also only good for a limited time, therefore providing proof that you are the authenticated user since you can respond to the code immediately if it’s sent directly to your phone. Depending on service, entering a code might immediately establish the current device as trusted, or you might be given the option to trust the device.

So if a hacker or unauthorized user attempts to steal your information that’s protected by 2FA, they won’t be able to do any damage since the unauthorized person is signing on an unrecognized device. 2FA might make things a little more inconvenient or hassle you a bit, but for a slight inconvenience, these new security measures are highly recommended. Having the assurance that your secrets will be safe even in the event of a breach is worth these few couple seconds of authorization.