Two-factor authentication adds an additional layer of security by adding a second step to your login. It takes something you know (ie. your password) and adds a second factor, typically something you have (such as your phone.) Since both are required to log in, even if an attacker has your password they can't access your account.
Why do you need it?
Passwords are increasingly easy to compromise. They can often be guessed or leaked, they usually don't change very often, and despite advice otherwise, many of us have favorite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account.
Time-Based One Time Password
TOTP requires that a user enter a 6 digit code that changes every 30 seconds to complete login. This works with mobile apps such as OATH Token and Google Authenticator and HSV Informatics Ltd will soon be enablling this for all clients. This will be a mandatory security feature along with strong passwords.
How does it work?
Upon initial signing once Token Based Two Factor Authentication is activated, you will be presented with a QR code to scan using your smartphone or tablet device.
Once this is scanned, your device will then store authorization to generate a pass code and authentication to access your client area.
Every 30 seconds, a new 6 digit code will be generated through your OATH application of choice which will be used as the second form of Authentication during login to your account.
Monday, April 30, 2018