2 Factor Authentication Explained (2FA)🎯

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey everybody it's andy here to talk about keeping your digital information safe through what we called identity verification specifically we're going to talk about two-factor authentication which is also called 2fa now a lot of you have probably heard of two-factor authentication but what exactly is it why is it so important and how do you use different types of 2fa to improve your online security well let's get into it so with everything moving online it's important to protect your information two-factor authentication is just one of the ways to help 2fa is when you use more than one thing to prove your identity it is part of something called multi-factor identification which uses several components to figure out if someone is who they say they are when they want to access something online for example your username and password can be hacked right but it's much more difficult to also hack a six-digit code sent to your phone which you can then put into the browser to confirm your identity that's 2fa also it's helpful to understand how we verify our identity in general so there are three main ways for users to identify themselves when they need to log into somewhere or access an asset they are knowledge possession and inherent identification in other words something you know something you have and something you are and when you use more than one tool it becomes two factor identification makes sense right okay let's break these categories down even further first let's take a look at knowledge verification you can verify your identity by confirming something you know this is hands down the most popular form of authentication think of your username and password this works if you keep the information to yourself and it also helps if you have a strong password or use a password manager to track all of your different passwords because if your password isn't secure then your identification isn't either right and so i highly recommend researching password managers to make sure this component of 2fa stays as secure as possible and i do have a video where i discuss my top password manager recommendations and i'll i'll link that down in the description below if you want to check it out now in addition to passwords some sites use an email or text to set up a sort of one-time pin where it generates a sequence of letters for each individual login you see this on a lot of banking sites for example the good news is using a cell phone for two-step authentication is really common now and adds a a great layer of security you normally access your phone with the passcode anyway which already improves security so let's say you have a username and password and for 2fa an app on your phone generates a code that you have to enter into a website to log in that way even if your password is your dog's name and your birth year it'll be pretty tricky to circumvent a code from a 2fa app now these apps are available on both google and apple operating systems however there are some disadvantages to this technique some people may not be comfortable giving their phone number to a website and some websites once they have your number may use it for their own nefarious purposes like targeted advertising the horror but overall it's pretty secure uh next let's talk about possession verification for possession verification aka something you have think about using a key to unlock a door you must actually possess that physical token itself examples of this can be a usb stick a bank card or a magnetic key to open a security door as far as computer systems are concerned you may have something called a disconnected token this token is not attached to your computer and normally has a built-in screen for the user to enter their data on the other hand connected tokens are like a usb drive they are are physically connected to the computer and transmit their data automatically also a a software token is a type of 2fa device which can authorize the use of a service they may be stored in a general purpose device such as a laptop or a desktop or mobile phone so someone can can only access that specific thing if they have the actual laptop or phone now the basic risks to this are obvious loss and theft many organizations don't even allow you to use a usb stick at work because they're scared that their systems will be affected with virus so if you frequently lose your car keys maybe think carefully about this one all right that brings us to inherent identification factors these are factors associated with the user and are usually biometric in some way biometrics could include a fingerprint or your face uh even voice recognition biometrics is really the modern version of possession authentication i mean you you possess your fingerprints your eyes and your voice they are all easily accessible and this is much better than carrying a hardware device around with you that may get broken or stolen or lost so financial institutions uh and businesses and government facilities are increasingly using something called behavioral biometrics to increase security behavioral biometrics are measured patterns in human activities they include things like keystroke dynamics gate analysis mouse use characteristics and even signature analysis so depending on where you work uh you may be right they are always watching well just kidding sort of anyway there's also a fourth factor of identification called location verification which we're starting to see a bit more this involves someone's physical location for example if you were connected to a specific wi-fi or vpn network then you could access something with only a pin number but if you were on another network then you would need additional verification to access what you need so two-factor authentication is still growing and changing uh there are recent advances in the field to try to create more user-friendly 2fa systems and some of them are are kind of awesome one new idea for example includes comparing ambient noises captured by a cell phone with the noise recorder of by a computer in the same room here the authentication is the proximity of the user's phone to the device being used to log in this is verified by com comparing the ambient noise picked up by both device microphones and the recording of the audio is automatic and does not need you the user to input anything and uh you just type in your normal password and the 2fa is done remotely now let's break down a couple of specific 2fa examples first authenticator apps authenticator apps generate codes locally on your phone based on a secret key on the website you want to enter the underlying technology is called time-based one-time password and it is part of open authentication architecture so a site offering this type of authentication will show you a a secret key and a qr code containing it you can enter that key into the app or scan the qr code into the app you can scan the image into multiple phones or tablets and you can even print out a copy of it and keep it as a backup once you have scanned or put in the code manually your application will produce a new six digit code every 30 seconds and you have to enter one of these codes in addition to your username and password in order to log in also duo push and apple's trusted devices method uh send a prompt to your device when you log in this prompt uh indicates that there was there has been an attempt to log in and gives an estimated location for the attempt you can then deny or accept this attempt and so this is an improvement on the authenticator app in two ways first it is much easier than typing in a code and is a little more resistant to phishing okay next up is the fido security keys fido also called universal second factor or usf is a new type of two-factor authentication using small usb devices basically you register your device on the site and then each time you log in you are prompted to connect your device and tap it to log in the device recognizes the site you are on and gives you a code specific to that site you can use the same device for multiple sites and it and it stores a unique identity which is used to log into each site so a single device identity cannot be used now some browsers don't support u2f yet and also it works mainly with usb ports so using a mobile device can be tricky nevertheless you could always log in on your mobile device using an authenticator app and use the u2f device on your desktop for extra security and finally i like to remind everyone that there are a number of ways to secure your devices alongside two-factor authentication one of those ways is to use a vpn extension with your browser to provide an additional layer of protection to encrypt your data and avoid ip links now i like nordvpn it's a popular provider it's portable it's super easy to use and if you're interested in learning more about nordvpn we have an in-depth review linked in the description below also if you'd like to learn more about my favorite cyber security products the ones i think are are most essential to have i'll link to that video below as well and as i mentioned earlier this includes all of the most essential online security products that the average person would benefit from most for protecting their family's privacy and staying safe online so that's it for today's video if you found this helpful please leave a thumbs up as that always makes my day and if you're a new subscriber welcome to our cyber family be sure to let me know what topics you'd like me to talk about next in the comment section and i really appreciate all of you for watching and i look forward to interacting with you in the comments below
Info
Channel: Think Security
Views: 1,607
Rating: undefined out of 5
Keywords: 2 Factor Authentication Explained, two factor authentication, 2 factor authentication, two factor authentication iphone, two factor authentication apple, google authenticator, 2 factor authentication explained, multi factor authentication, authentication, multi-factor authentication, cyber security, information technology, authenticator app, google authenticator app, two step verification, two-factor authentication, iphone two factor authentication, 2 step verification, 2fa
Id: 7AoYRvDkOy4
Channel Id: undefined
Length: 12min 15sec (735 seconds)
Published: Wed Feb 16 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.