Everything yours will stay with you: how to secure personal data online?

Everything yours will stay with you: how to secure personal data online?

According to the analytical center of digital shadows, on the black Internet market in 2020 sold more than 15 billion stolen personal data.

These are passwords and logins for online banking, music streaming services, e-mail, social networks. A study by Microsoft found that in more than 99.9% of cases, users could avoid leaking their data if they were more responsible with online authentication.

Authentication vs identification vs authorization

What is online authentication? This procedure helps to confirm your identity. For example, when the program compares the entered password with the password stored in the database. Authentication is the second step in logging in to your account. This is preceded by identification – verification of your login. First, the system asks for a login, you specify it, the system recognizes the login as available – this is identification. The third stage is an authorization. It is giving you the right to perform certain actions. For example, you can manage emails when it comes to accessing email.

Authentication is required to protect personal data. This is probably the most important of the above three steps in terms of account security. It should be given due attention, because in the network, as in real life, there are many who want to get access codes, hack the account, withdraw money from the account. To do this, many technical means and methods of fraud have already been invented. Those who cooperate with companies and work with their data should be especially responsible for the protection of information – not only you but also the company are at risk in the event of a leak.

Types of authentication: single-factor and multi-factor

First, let’s understand what the factor is. Strictly speaking, it is an information tool with which you authenticate. Yes, the factors are divided into:

• unique knowledge (password, code word, or code from numbers that comes in SMS);
• unique device or file (card, intercom key, key to enter the online bank of the enterprise, electronic signature);
• unique biometric data (voice, fingerprints, retina).

It is possible to understand from the name that at one-factor authentication the factor of one kind, whereas at multifactor – two or three (for example, the password + an electronic signature + a fingerprint) is used. The more authentication factors used, the more reliable it is.

There are one- and multi-factor (usually two-factor) authentication. There are three types of factors:

• unique knowledge (code, password, code word, etc.);
• unique device (token, electronic signature, certificate, etc.);
• unique biometric characteristics (fingerprints, facial features, retinal pattern, etc.).

Thus, one-factor authentication uses a factor of one type, and multifactor authentication uses two or three. The most common authentication factors are unique knowledge (passwords and digital code combinations), tokens, and biometrics. Let’s deal with each separately.

Unique knowledge. Passwords

In 2020, Cybersecurity Ventures published a study stating that every online user has 25 to 36 passwords for authentication. Of course, it’s impossible to remember so many different passwords, so people choose passwords that are easy to remember – and hacking. Users often store the same combinations on different Internet resources, which simplifies the task for hackers. Passwords with complex combinations have proven to be effective, but because they are not easy to memorize, passwords are stored somewhere, which also poses some risks of theft. Therefore, companies that work with sensitive personal data do not use this authentication factor or use it in combination with other, more reliable ones.

Cybercriminals can use cloud services to crack passwords. At the same time, they can select more than 650 million different password combinations per second. This means that in about an hour a hacker is able to crack a “super-complex” password of 7 characters. But if your password already has more than seven characters, it takes up to 5 days to crack. During this time, the system can detect hacking attempts and notify you in a timely manner. Therefore, it makes sense to generate strong passwords using special programs.

Unique knowledge. Digital codes and confirmations using a smartphone

This authentication factor as a second step – after you have entered the login and password – is widely used primarily by banks. To complete the procedure of entering online banking, you enter a one-time password, which usually consists of numbers and comes in an SMS or mobile application on a smartphone. A variant of this method of confirmation is a call to the phone with a request to confirm the login. Such authentication is considered reliable, but there are still risks of SMS interception. And, of course, problems can arise in case of loss or theft of the smartphone.

Electronic keys and hardware devices

Electronic keys or signatures are becoming more common. Resources that use this authentication factor, save provide it in the form of certificates (electronic forms) issued by special centers. In this case, the Internet does not store information about users. The digital key is most often used for authentication when it comes to important procedures – for example, you need to go to a personal account on the portal of public services, digital signature, respectively, to sign documents. This type of authentication is reliable, but there is still the possibility of stealing the key/signature.

Tokens, or hardware devices, often in the form of a flash drive, carry one-time passwords that people use to log in to the system. The access code is generated automatically, which guarantees a high level of protection. The disadvantages of this factor are the risk of theft or loss, as well as the additional cost of purchasing the device.

Biometrics

Many of us have become accustomed to this way of unlocking a smartphone, such as scanning a fingerprint or identifying a face. But to ensure greater reliability, many companies and even countries use other unique features, such as retinal imaging, voice, and so on. The same US Immigration Service scans the image of the retina while checking passengers at the airport. This authentication factor has a very high degree of reliability, but there are loopholes, such as the imperfection of readers, which can be “tricked” with 3D copies or photos.

More is better?

Yes, but not quite. Today it is considered that the most optimal type of authentication is two-factor. It is trusted by most large companies, government agencies, and services. Over time, two-factor authentication will become mandatory, as hacking techniques evolve with the development of technology. And if today you have the opportunity to take advantage of two security factors – do it.

If you like the material, tell your friends about it. Thank you!

Related Posts

iPhone 14 Pro and Pro Max have problems while charging

The new iPhone 14 Pro and Pro Max have been found to have serious battery issues. The fact is that they periodically reboot when users put their…

Google recommends updating your Chrome browser

At the end of last week, an urgent update of the Google Chrome browser was released, designed to eliminate a zero-day vulnerability – this is the class…

iPhone 14 Pro was shown in photos and videos

The presentation of the iPhone 14 Pro will take place, most likely, on September 7. Meanwhile, more and more information about the gadget dreamed of by many…

Lenovo Legion Y70 is officially presented

The Lenovo company officially presented its first smartphone on the flagship Qualcomm Snapdragon 8 Plus Gen 1 platform – it was the new gaming Lenovo Legion Y70….

The new low-cost iPad has been put into mass production

ITsider previously reported that the new iPad Pro 2022 with a notch will be equipped with the Apple M2 chipset. And today it became known that Apple…

Vivo Y35 is officially presented

The company Vivo without loud announcements presented a new affordable smartphone Vivo Y35. The model received 44W FlashCharge fast charging (most similar solutions, it should be noted,…

Leave a Reply

Your email address will not be published. Required fields are marked *