Multi-Factor Authentication in the Cloud

Better protect your users’ accounts and enterprise through multi-factor authentication.

Like it or not, one wrong mouse-click or weak password stands between your users and a breach of their e-mail, search history, photos, private calendar, merchant account, contacts, health data, voicemail, documents and purchase history (everything that Google stores about them visible in Google Dashboard). 

Weak and repeated passwords are commonplace, and placing all user account security into a six or eight character password could be a recipe to get “owned” quickly. Also, passwords alone make phishing attempts more likely.

Typically, a phishing e-mail will present a message and URL that looks exactly like the ones from your service provider. The message usually has some urgency that your users must log-in.  Once they do, their username/password are both captured by data thieves.

So what can they do without being experts at figuring out which URLs are part of a phishing e-mail? Well, your users need something besides a password; they need a second “factor.” 

Usually when security professionals talk about authentication, they talk about two or more factors as “something you know, something you have, something you are.”  The password is something your users know.  So the other factor can be something your users are (i.e. biometrics) or more likely something they have (i.e. a token).

In this article we’ll explore the second factor for different service providers such as Google, PayPal and Amazon to better protect your users’ accounts.

Mikhael Felker is an IT pro who has worked in Defense, Healthcare, High-Tech and Non-Profits. He teaches, writes, and speaks at numerous Southern California venues about technology. See here to check out all his Tom's IT Pro articles.