2FA is more secure than passwords and many high profile hacks, such as those that took place against the Twitter accounts of big media organisations in 2013, could not have happened if 2FA had been in place. Even if a hacker places malware on a PC and steals a password, they are still locked out.
2FA ensures that the hackers have to work that much harder. Static passwords are a cheap and unsatisfactory solution to a very difficult problem and user-created passwords can be easily guessed if they do not contain randomised characters. One time passwords and tokens are much more secure, especially when implemented in hardware such as 2FA.
Simple patterns used to drive passwords can be easily hacked, and static passwords can be intercepted and re-used maliciously without consent. Smartly crafted and targeted phishing attacks mean more people are falling for these, as well as other socially engineered attacks, and 2FA can help mitigate the increasing risks.
With companies allowing staff to work from home, or to be mobile, the danger is that few companies are providing secure access to company networks, putting corporate data at risk. 2FA provides an extra layer of security for the mobile workforce when accessing a company’s VPN remotely – an office based user has to go through several layers of physical security to access company information, why should a remote user be exempt. Combining something you know (PIN/Password/username) and something you have (cellphone/token/smart card) provides a more secure login process and cannot be easily guessed.
Another very important reason why 2FA has become an essential for businesses is the Protection of Personal Information Act (POPI). Given the weakness of password-only systems in today’s IT landscape, particularly related to password reuse, a ‘responsible organisation’ should implement 2FA to reduce the risks against personal information being accessed under their control.
There is no ‘magic bullet’ for attacks, however, 2FA is better than any password and as such with external security, that extra layer may deter any lurking cybercriminal!