The problem with passwords – and why the answer is two-fold

Hacks and data breaches are becoming the norm, as more and more aspects of our lives move online. Yet in many cases, the damage done could have been mitigated if users were using two-factor authentication to secure their accounts.

Why? While using the name of a family member, pet, or favourite holiday destination may make it easier for us to remember our passwords, it also makes it easier for hackers to guess them and steal credentials, or crack passwords with automated brute force programmes. This is a particular problem because more than 80 per cent of people use the same password across multiple accounts.

The latest Verizon Data Breach Investigations Report shows that 81% of hacking-related breaches last year leveraged stolen or weak passwords, an almost 20% increase over the previous year. This shows that the password problem is not just persisting but getting worse. So, what can organisations do?

Two-factor authentication adds an extra layer of security

While single-factor authentication – a password – is easy for users, it makes the system vulnerable to cyberattacks. Two-factor authentication, however, adds an additional layer of security to accounts, whilst remaining simple for customers to use.

ATMs have used two-factor authentication for decades: you take one thing (the card) and combine it with a second factor (your PIN) to unlock your account. With online passwords, two-factor authentication delivers a one-time PIN to the user's mobile device, which they enter before accessing the account. Not only does this prove they have the correct login details, it also confirms they have a device associated with their account in their possession. These two factors combined dramatically improve account security and make it a lot harder for hackers to gain access.
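The server side of the one-time PIN check described above, as an added Python example that is not part of the original article. The class name `OneTimePinStore`, the six-digit length, the five-minute lifetime and the three-guess limit are assumptions made for illustration; sending the PIN by SMS and checking the password first are left to the caller.

```python
import hashlib
import hmac
import secrets
import time

PIN_DIGITS = 6         # assumption: six-digit PIN
PIN_TTL_SECONDS = 300  # assumption: PIN valid for five minutes
MAX_ATTEMPTS = 3       # assumption: guesses allowed per issued PIN


class OneTimePinStore:
    """Pending one-time PINs, held in memory and keyed by account name."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._key = secrets.token_bytes(32)  # MAC key, so PINs are not stored as-is
        self._pending = {}

    def _mac(self, account, pin):
        msg = f"{account}:{pin}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue(self, account):
        """Create a fresh PIN, replacing any earlier one; the caller sends it by SMS."""
        pin = f"{secrets.randbelow(10 ** PIN_DIGITS):0{PIN_DIGITS}d}"
        self._pending[account] = {
            "mac": self._mac(account, pin),
            "expires_at": self._clock() + PIN_TTL_SECONDS,
            "attempts_left": MAX_ATTEMPTS,
        }
        return pin

    def verify(self, account, submitted):
        """True only for an unexpired, unused PIN within the attempt limit."""
        entry = self._pending.get(account)
        if entry is None:
            return False
        if self._clock() > entry["expires_at"]:
            del self._pending[account]
            return False
        entry["attempts_left"] -= 1
        ok = hmac.compare_digest(entry["mac"], self._mac(account, submitted))
        if ok or entry["attempts_left"] == 0:
            del self._pending[account]  # single use, or too many wrong guesses
        return ok
```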

PIN code deliverability is key for two-factor authentication to work. One way to deliver a password to users is through a mobile app, but this relies on numerous pieces of the puzzle fitting together successfully: the user must download and activate the app, and the app must be connected to each service, one by one. Not only that, but platform and version incompatibility can cause the apps to fail. The most reliable password delivery method is through SMS, as it has over a 90% delivery rate and is available on the vast majority of phones.

The benefits for businesses

While two-factor authentication is one of the most effective ways for organisations to reduce cybercrimes such as identity theft, hacking and phishing, it also increases customer loyalty and trust. Consumers know that security breaches are unpredictable—and sometimes out of a company’s control—but organisations that implement two-factor authentication signal to consumers that they take security seriously. This is increasingly important as we trust more and more of our lives to online services. By creating a secure brand and experience with two-factor authentication, businesses can ensure that consumers continue to have confidence in the security of their personal data. Two-factor authentication also means that consumers are more likely to trust other consumers on marketplace websites, like eBay or PayPal, knowing that everyone on the system must pass through the same tight security as they did.

The fact is, when it comes to cybersecurity, two-factor authentication is no longer a ‘nice-to-have’. Businesses need a universally compatible and reliable way to implement it for data breaches to become a thing of the past.

The need for expertise in this field is growing, but currently demand for computer science skills far outstrips the supply of qualified graduates. The University of York’s 100% online Masters in Computer Science with Cyber Security is designed for working professionals and graduates who may not currently have a computer science background and want to launch their career in this field. It equips graduates for a range of positions in security engineering, software development, programming and computer and mobile networks.

There is no need for campus visits as the course is delivered 100% online – this is your computer science Masters degree, on your own terms, in your own time. Choose from six start dates per year, enabling you to study around your current job and home commitments. There’s also a pay-per-module option available, so there don’t have to be any large upfront fees. Some students may be eligible for a government backed postgraduate loan which covers the cost of the course.
