Cyber Security Month : Debunking authentication myths with Yubico
October 2020 by Yubico
This year, Cyber Security Awareness Month has come at a time when we are using online services more than ever – to work, shop, learn and generally keep in touch. The pandemic has forced us to almost entirely rely on our digital identities, putting the resilience of authentication technologies to the test. In fact, Action Fraud revealed that more than £16 million was lost to online shopping fraud in three months, while the National Cyber Security Centre issued a warning to education institutions that they are under increased threat from ransomware attacks.
Yubico invented the world’s first security key for consumers and businesses alike – which is now securing online logins for millions worldwide. Nic Sarginson, Yubico’s Principal Solutions Engineer, has made the following comments about the myths to be wary of as we approach the middle of Cyber Security Awareness Month:
“For consumers, staying safe from hackers might seem daunting or out of their control right now – but it’s actually much easier than you might think. One of the biggest and most concerning myths is that having unique and strong passwords for each of your accounts is enough. Not only is this time consuming, but usernames and passwords are not built to protect against motivated hackers. While tools like password managers are helpful and recommended to organise all of our different log-in combinations, relying on strong passwords alone is still not enough. Two-factor authentication (2FA), which confirms your identity by using a combination of two different methods, can be combined with a password manager to offer far better security."
“Another common myth is that all 2FA methods are equal, and that as long as you have something in place, you’re good to go. Unfortunately, not all 2FA is created equal and some, such as one-time codes texted to a user’s phone are the most basic layer of additional security and will not protect against sophisticated phishing ploys. As long as an authentication method requires an action on your end, and a reliance on the user knowing whether or not you’re on a fake site, vulnerabilities will continue to be an issue.”
“For some people, there’s also a misconception that 2FA is too complicated and time consuming. In truth, 2FA can be incredibly simple to use and there are other options outside of copying and pasting or painstakingly re-typing passcodes. Instead, there are solutions that allows you to set your device to trusted and literally requires you to log in once to securely access a range of digital services without having to worry about the perceived headaches associated with securing your data online.”
“As Cyber Security Awareness Month will be a little bit different – and even more important – this year, organisations everywhere must assess their security options to offer more secure and user-friendly solutions, and take steps to overcome the common misconceptions about authentication. Once strong online security is properly balanced with convenience and simplicity is when we will all truly be safer online.”