Two-Factor Authentication (also known as 2-Step verification or 2FA) is a version of Multi Factor Authentication, where you, in addition to something you know (such as your password), also provide a code from another device, such as a code delivered to you via SMS or a code from an Authenticator App on your mobile device.
Multi Factor Authentication is a broader term which also require at least 2 Factors for Authentication but also cover other methods such as just providing a code from an Authenticator App or by SMS. Such other factors could be your fingerprint scan, facial recognition, device recognition, or other more modern methods to provide a proof of something you have or something that you are.
Multi Factor- and Two Factor-Authentication are the most effective ways to protect your account against cybercriminals. You still use your username and a password, however, instead of gaining access straight away, you will be required to provide additional information.
Several types of Two-Factor authentication are in use today, some may be stronger or more complex than others, but all of them offer better protection than passwords alone.
Let’s look at the most common forms of 2FA/MFA:
One Time PIN (OTP), from an Authenticator App or a Hardware token
One Time PIN (OTP) delivered via SMS
One Time PIN (OTP) via email
Fingerprint scan (TouchID)
Facial Recognition (FaceID)
Device or Browser Recognition (Your Device or Browser is recognised)
Read more about 2FA and see what Two-Factor authentication methods are available in Admincontrol here.
Unfortunately, passwords are still the main (or only) way many users protect themselves. This is no longer sufficient and 2FA or MFA is a necessary requirement to secure your online accounts. Top Management and Boards need to put security on the top of their agenda and make sure their stakeholders use 2FA or MFA in any system that are accessible via the Internet. The security benefits this additional factor give, and how effective it is in protecting against cyberattacks are crucial for the security of their information. That’s why everyone must start using it. It’s not that hard when you are used to it. The good news is that there is an increasing awareness from companies to use 2FA.
eID based Authentication.
Many countries offer a public eID to their citizens such as Norwegian or Swedish BankID, Danish MitID, Finnish Trust Network (FTN) or similar. These are all Multi Factor Authentication types where the electronic ID are used as proof of your Identity. Electronic IDs are considered very secure and are generally more secure compared to traditional 2FA or MFA.
In Admincontrol we are introducing support for Authenticator App to be used as the second factor. The most common Authenticator Apps in use today are Google Authenticator and Microsoft Authenticator. You can now use these as an alternative to our SMS or eID based Two-Factor Authentication method.
What does this mean to you?
In our web solution, we will now support Authenticator App as an alternative Two-Factor authentication method. Authenticator App is a secure and convenient way to prove who you are.
60% of our International Board Portal users have 2FA activated today, while in Norway 93% have it. With the introduction of Authenticator App as an additional verification method we expect the numbers to increase even further. We highly recommend all our users to set up the Authenticator App and start to use it as their preferred verification method rather than SMS, as it is more secure and gives quicker response. It is also more beneficial and works more smoothly for those who are travelling internationally as SMS delivery sometimes can be delayed. For those who are using eID as preferred authenticator method, it is also recommended to have the Authenticator App set as a fallback /alternative, rather than "2FA with SMS”.
To start using Authenticator App, you need to install it on your mobile phone. If you do not have it already, you can download the Authenticator App, for example Microsoft Authenticator or Google Authenticator, from your app store. You can then connect it to your Admincontrol account from Password and electronic ID settings. Once it is setup, using the Authenticator App for two-factor authentication is easy, and in addition to being secure it is also reliable and offers high quality of service.