Stop Ignoring Two-Factor Authentication Just Because You’re Lazy

Written by

A large number of people and businesses are missing out on a simple, effective online security solution by ignoring two-factor authentication (2FA). The only requirement is to enter a code or press a button on a separate device from the one being used, yet for many, that effort seems too great. Laziness literally becomes the weakest point in their data protection systems. 

If this sounds familiar, it’s time to change, as 2FA strengthens the security of all-important apps, including those where you share financial details such as banking and shopping apps – but to work, it has to be used.

2FA is Confusing, But That’s No Excuse

One of the main arguments surrounding 2FA is that it’s seemingly cumbersome and instructions on how to use it are unclear. For instance, some users find the whole process so confusing that they need a full demonstration before implementing it. While this may work in a business situation or at an expo where a representative is able to explain the system, for the man on the street this is simply not an option.

If a 2FA system isn’t user-friendly, people find it easier to not use it at all (read: people are too lazy to learn how to do it properly), but that’s no reason not to use an effective safety measure. The small amount of effort you need to put in to understand 2FA authenticators will save you huge security headaches down the line.

Why Reducing Risk Gets Ignored

With the current trend towards instant gratification the idea of having to learn something new when a system already seemingly works is a major stumbling block. Often, the idea of enhancing cybersecurity measures doesn’t take hold until it is too late. The threat seems too far removed, and adding more security features when none have been breached (as yet) is overkill, annoying, and seen as unwarranted.

Digital security measures such as 2FA apps or encryption software that stand in the way of hackers and other criminals are never absolute and cannot guarantee 100% safety, but, what they can do is help people and organizations ensure all reasonable steps have been taken to safeguard the privacy of confidential information.

As well as facilitating the smooth flow of projects, which could experience serious setbacks in the event of a data breach, these reasonable steps are important from a legal perspective. If a client’s details have hacked, a company could be liable if it’s unable to prove that all possible (that is, reasonable) measures were put into place to prevent such an event. Therefore, 2FA is a very logical measure to implement and one that should not be passed over simply because it requires extra effort.

The Password Problem

Many people simply assume that because a password is used, their data is safe. Yet no matter how secure a person believes their password to be, it’s certainly not uncrackable. By their nature, passwords that are easily remembered are personal, and, as such, can be decrypted.

Password managers add an extra layer of security, but they’re not infallible either. Security consultancy Independent Security Evaluators (ISE) studied four major password managers in 2019 and found significant flaws in the protection offered by all of them.

By implementing 2FA, an additional, less crackable layer of security is added. While passwords are vulnerable, having to authenticate access from a secondary device, app or system makes it so much harder for hackers to gain access.

The tools to improve security are readily available and being lazy is no excuse. 2FA provides a valuable layer of added protection and it should be utilized whenever and wherever possible.

What’s hot on Infosecurity Magazine?