Cyber Security Awareness 003: Authentication

By -

Introduction to Authentication

Multi-Factor Authentication (something you know/are/have)

Authentication is like showing your ID to get into a building. It's proving who you say you are to access something online. Whether you're checking your bank account, buying something online, or logging into your email, authentication keeps your information safe.

Think of it this way: when you visit a website or app, you need to make sure you're the person you claim to be. That's where authentication comes in. It's like a digital doorkeeper, checking your credentials to let you in.

There are three main steps involved in authentication:

  1. Identification: You tell the system who you are, usually by entering your username.
  2. Verification: You prove your identity by entering a password or using a fingerprint or facial scan.
  3. Authorisation: The system checks if you can access what you're trying to see or do.
Authentication is crucial to your digital identity and business because it helps protect your personal information and prevents unauthorised access to your accounts. Without strong authentication, it would be much easier for hackers to steal your identity or money.

Why is Authentication Important?

Authentication is like a lock on your front door. It keeps unwanted visitors out. In the digital world, it protects your personal information from falling into the wrong hands.

Without strong authentication, you risk:

  • Data breaches: Hackers can steal your personal information, like your credit card number or Tax File Number.
  • Identity theft: Someone could use your information to pretend to be you, make purchases, or open new accounts.
  • Financial loss: If your bank account is accessed without your permission, you could lose money.
That's why it's crucial to use strong, unique passwords and consider additional security measures like two-factor authentication. Protecting yourself online starts with understanding the importance of authentication. (Microsoft.com, 2024)

Types of Authentication

To make sure it's you trying to log in, websites and apps use different ways to verify your identity. These are called authentication factors. While username and password are the most common, there are three main types of authentication factors

Something You Know

This is the most common type of authentication. It's when you prove your identity by remembering something, like a password or a PIN. Think of it as answering a secret question only you know.

Something You Are

This is when your body itself is the key. We call it biometric authentication. It uses unique parts of you, like your fingerprint, face, or even your voice to identify you. This is becoming more common on smartphones and other devices.

Something You Have

This means you have to show something to prove who you are. It could be your smartphone, a security token, or even a special card. For example, when you log into your online banking, you might get a code sent to your phone that you need to enter.

By using a combination of these methods, you can create a stronger layer of protection for your online accounts. (What Is Authentication? Definition and Uses - Auth0, 2024)

Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is an extra layer of security that requires multiple forms of identification to access an account. For example, you might need to enter a password, and then verify your identity with a code sent to your phone. This makes it significantly harder for hackers to break into your accounts. (Protect Yourself: Multi-Factor Authentication | Cyber.gov.au, 2022)

The Future of Authentication

Authentication is constantly evolving. We can expect to see more advanced methods like biometric recognition (fingerprints, facial recognition) and behavioural biometrics (typing patterns, walking gait) becoming commonplace. Additionally, passwordless authentication using devices like smartphones or security keys is gaining traction. As technology progresses, we can anticipate even more secure and convenient ways to verify our identities.

Reference

Microsoft.com. (2024). What Is Authentication? Definition and Methods | Microsoft Security.
[online] Available at: https://www.microsoft.com/en-au/security/business/security-101/what-is-authentication [Accessed 14 Aug. 2024].

‌What is Authentication? Definition and uses - Auth0. (2024). Auth0.

Protect Yourself: Multi-Factor Authentication | Cyber.gov.au. (2022). Cyber.gov.au.

More Infomation

Protect Yourself: Multi-Factor Authentication: Australian Cyber Security Center
What is authentication? : Microsoft
What is Authentication? : Okta


Addendum: This post was a collaborative post put together by Sahan

Comments

Post a Comment

Popular posts from this blog

Stay COVID Meeting Safe

By -
I've had a number of people asking me recently about using recently popularised Apps due to COVID-19 in personal situations. In my personal opinion, I would steer away from both Zoom and Houseparty in particular, use something that is tried and tested like Messenger , Hangouts , Facetime or WhatsApp and ensure they're up to date as the latter two have also had hacking issues in the past due to people not updating after identified security breaches. Both Apps are very popular at the moment and have had security and privacy concerns raised. Houseparty has been reviewed by security experts which have said: "it's probably safe". It has safe security options but it is up to the end-user to implement them correctly. Having said that if you read the fine print Houseparty uses your personal data and advertising as their income (nothing is free), there have been reports of users having their login details for Netflix and Spotify accounts compromised but these ar
Read more

COVID-19 Coronavirus v Technology Path

By -
It's surprising what can instill business remodeling and push for changes in technology or an increase in an uptake. COVID-19 has had an extreme impact in our daily routines and has pushed towards a working from home in ways that would have taken years to become the norm.  Don't get me wrong we've been on our way there in the past few years with the developments onto cloud and SAAS solutions; on-line tools, integrations and deliveries; ICQ to Skype to a plethora of communication solutions. In the company I work for/with I've had to roll out a solution we've has available in a SAAS group but never pushed on as it was a convenience solution in place of face-to-face meetings primarily used for FIFO (fly-in-fly-out) clients that might have a limited schedule to communicate and not be in a convenient location. However now that COVID-19 had reared its head into the workplace it obviously creates a risk factor for a traditional face-to-face meeting which is quite likely to
Read more

Cyber Security Awareness 002: Understanding PII (Personally Identifiable Information)

By -
Image
PII (Personally Identifiable Information) What is PII and what should I be aware of? What is PII? In terms of Cyber Security PII (Personally Identifiable Information) is any information associated with the target that could be used as potential leverage for an attack against that individual, an associate, or the company they work for as well as any clients and suppliers the business deals with.
Read more