While strong, complex passwords are an effective first line of defense when securing work accounts and applications, they are not foolproof and can be compromised if a hacker gains access to organizational systems. Two-factor authentication (2FA), also known as multi-factor authentication, serves as an extra line of defense and complicates the login process by adding an additional form of identity verification.
Cybersecurity attacks and data breaches are increasing as the tools used by hackers become more and more sophisticated. Don’t let yourself or your donors become the next target. The solution? Implementing two-factor authentication.
What is two-factor authentication?
If you’re new to the world of two-factor authentication, you might be wondering how it works. It adds an additional layer of security to online accounts. It requires an additional login credential (beyond username and password). For example, an application will email an additional code to you, ask you verifying questions you have previously answered, or send a text to your mobile device. In short, it makes it even more difficult for information to land in the wrong hands, and adds another layer of security.
But choosing a method can be a bit daunting. There are many forms 2FA can take, from free or paid software programs to verification through text or email. To get you started, here are a few methods of 2FA we recommend considering, and some you may want to retire.
Join 30,000+ fundraising professionals that receive our weekly Sunday newsletter with industry trends, tips, and analysis delivered right to your inbox
Biometric authentication requires a user to verify that they are who they say they are via a physical characteristic — something like a fingerprint scan, or facial or voice recognition. For large organizations storing or accessing highly sensitive information, this is one of the most effective forms of 2FA. Because it is one of the most difficult to fake, biometric authentication gives your information a great chance at protection from bad actors.
Google authenticator is an easy, safe, and pretty painless option for many entities looking to implement two-factor authentication. This is a popular choice because many applications are compatible with Google Authenticator. If you’re already using Google systems, then integration will be even easier. Basically, all the user has to do is download the app and register the program they want to use. The application will generate a 6-digit code that can be input into applications to verify the user’s identity.
Bluetooth or USB key
A Bluetooth or USB key can be an effective physical safeguard against breaches of protected data. Rather than verifying the user’s identity through online authentication, this method requires the use of a physical security key which hackers cannot compromise through usual means. This form of authentication is recommended by the FIDO Alliance, an organization dedicated to promoting better authentication standards.
Text message verification
If downloading yet another mobile app sounds like something you or your employees would like to avoid, then text message verification may be a more suitable fit. It’s an option that utilizes an existing app, and can be easily implemented. The program will send a text to your mobile device with a one-time pin to input into the site. It’s simple and easy.
Email verification is a simple, easily implemented form of two-factor authentication, since people often view their email accounts daily and tend to have easy access on mobile and/or desktop devices. This is, however, the least secure of the 2FA options. If your system is compromised, there is a chance hackers may have access to emails on the system which would make 2FA useless.
When you activate 2FA on your system, you have the option of downloading backup codes that you can use to access the system. It’s important to keep these codes in a safe place, in the event that your phone is lost or stolen. Otherwise, you won’t have access to the device that you would normally use for 2FA. These codes are like passwords, and need to be stored securely! They are best used only for emergency access.
Making the choice
Whichever two-factor authentication method you choose, it should reflect the current state of your business, your security standards, and the ways in which your employees access and secure protected data.
Discuss possible 2FA options with members of your leadership team or IT personnel. Whichever method you choose, be sure to enable it on all accounts, devices, and programs used in the course of business. Securing protected data should be a number one priority, and with two-factor authentication, that task is made easier and more effective.
Learn more about Gravyty's commitment to keeping donor data safe without getting in the way of your fundraisers doing the best work of their lives. See a Gravyty demo today and see for yourself why you don't need to sacrifice security for efficiency;