User:Apple1223/Multi-factor authentication

Multi-factor Authentication (Draft)

edit

Mobile Phones (adding to this already existing section)

edit

Another drawback is that SMS multi factor authentication is not the safest method of multi-factor authentication. This type of multi-factor authentication is most susceptible to hackers taking advantage of users. The hackers are able to intercept any type of authentication the user chooses, whether it is through a phone call, code, SMS message, or push notification.[1]

 
Multi-factor authentication tokens that are used to verify the users.

Security (adding to this already existing section)

edit

Two factor authentication is not a sure proof way to keep people from getting into accounts. There can still be many problems with this authentication that will still allow it to be hacked. The Twitter CEO even had his account hacked when he was using two factor authentication.[1] Hackers are able to intercept the codes that get sent to users to log in. Many people think that since something has multi- factor authentication the source is completely secure, but that is not always the case.

COVID-19 (new section)

edit

Many businesses have had to switch to a fully online environment since the beginning of the Covid-19 pandemic. This has led to an increased need for security within business, so many have had to rapidly adapt to the changes. Since companies have had to quickly create protections thus the use of multi-factor authentication is on the rise. Employees in some businesses are required to use the multi factor authentication to have access to work materials. [2] Security, including multi factor authentication, investments are the main focus within businesses since the switch to remote work.[3]

Legislation and Regulation, United States (adding to this already existing section)

edit

The National Institute of Standards and Technology also recently updated their guidance on using SMS authentication. They stated that SMS calling should not be the primary authentication used because it is not secure enough and an alternative means of authentication should be used as the second factor.[4]

Controversies (adding to this already existing section)

edit

Facebook has been found to be using the phone numbers users put in for multi-factor authentication in alternative ways. They are being added to users accounts, so they can be seen on their profiles and can be searched through phone numbers.[5] The phone numbers are also being given to advertisers, so they can push ads towards the users.[6]


Zoom has recently implemented two-factor authentication to all users because they have had issues with security. People were unexpectedly entering Zoom meetings known as "Zoomboming" and causing disruptions. They also had issues with protecting recorded meetings as they were kept on the platform with little security. The lack of security on Zoom caused the Federal Trade Commission to get involved to make them improve their security measures. Zoom's solution to their security issue was to implement two-factor authentication for all users.

Bibliography

edit

Source 1: https://support.apple.com/en-us/HT204915

Source 2: https://www.pcmag.com/how-to/two-factor-authentication-who-has-it-and-how-to-set-it-up

Source 3: https://www.cnet.com/news/two-factor-authentication-what-you-need-to-know-faq/

Source 4: https://www.cnet.com/news/two-factor-authentication-isnt-as-secure-as-you-might-expect-world-password-day/

Source 5:https://mobileidworld.com/duo-report-suggests-covid-19-accelerating-corporate-transition-cloud-111005/

Source 6:https://www.verdict.co.uk/multi-factor-authentication-microsoft/

Source 7: https://www.computerweekly.com/news/252491772/IT-Priorities-2020-After-Covid-19-security-goes-back-to-basics

Source 8: https://www.cio.com/article/3141648/understanding-nist-regulations-and-mfa.html

Source 9: https://www.phonearena.com/news/facebook-controversy-two-factor-authentication-phone-number-privacy-violation_id114238

Source 10: https://onezero.medium.com/facebook-is-eroding-trust-in-two-factor-authentication-306163dacd6a

Source 11: https://www.engadget.com/zoom-rolls-out-twofactor-video-call-authentication-for-all-accounts-084536539.html

Source 12: https://sg.news.yahoo.com/zoom-rolls-out-twofactor-video-call-authentication-for-all-accounts-084536539.html

Source 14: https://slate.com/technology/2020/11/zoom-reaches-settlement-with-federal-trade-commission.html

Source 13: https://www.pcmag.com/how-to/two-factor-authentication-who-has-it-and-how-to-set-it-up

  1. ^ Shankland, Stephen. "Two-factor authentication? Not as secure as you'd expect when logging into email or your bank". CNET. Retrieved 2020-10-05.