2FA in Folderit document management system software

Historically, people have been using passwords and encryption to keep their digital content safe. For every secure solution out there, news emerges of some kind of wide-scale data breach, and the internet feels less secure for it.

Two-factor authentication is basically just double-checking for digital activity. That might be oversimplifying it, but let’s look further into Two-Factor Authentication.

What’s the problem?

Going by this list of sites that have been breached in the past, with LinkedIn being as recent as June 2021, we know that absolute security is not a guarantee. Without going into details of cyber-breaches, even the most secure passwords with the strongest authentication can be bypassed through techniques like phishing, hacking, or even social engineering (that one’s the toughest nut to crack). 

The sheer volume of passwords we depend on today makes it unfeasible to remember each one. Eventually, people make their passwords easy to remember (hence easy to breach) or note them down somewhere, which makes them less secure.

Why 2FA?

A data breach occurs when one party successfully accesses another party’s content by mimicking or bypassing proper authorization. Two-factor authentication halts operations until verification has been made from a secondary source, like a phone or an email. Bypassing passwords is a lot of trial and error. Adding a layer of verification from an unknown source multiplies the complexity of that process, making the account more secure.

This additional authentication factor can take many shapes. If you are using a verification app, you could be given a screen prompt for verification, or perhaps a one-time email link, or some form of passcode or security key. It could even be tied to your biometric data if need be.

One Time Passcodes

While strong authentication such as hardware security keys or complex passwords does help keep your account secure from the average cyber threat (it would take billions of years to try and guess the 256-bit bank-level encryption that comes with Folderit), it has become more common for large B2B and B2C organizations to make verifications through one-time passcodes that can be sent via text or email. This is a popular line of defense, but there are ways to bypass or intercept those as well. Besides, if you are in an area with bad coverage, or are generally away from your phone, you might not receive your authentication in time for a successful login. This kind of friction isn’t always welcome.

Google Authenticator

The best part about using 2FA, or even multi-factor authentication, is that with a reliable partner such as Google Authenticator, any sign-in process can be made as simple as checking your Gmail. Authentication isn’t designed to make login a hassle. You simply get prompted with a response that is as easy as picking a number and tapping on it.

Google Authenticator installs as an app on your smartphone. With Folderit, you will be provided with a shared secret key over a secure channel, and that key is stored in the authenticator app. This secret key will be used for all future logins to the site.

The added advantage of this move is that anyone trying to get into your account will also need to get into your Google account and your phone at the same time, making their job significantly harder.

Conclusion

The traditional password, our sole line of online defense for all these years, is no longer sufficient to deal with the range of cyber threats out there. This is compounded by the fact that people have hundreds of sites to log in to, which makes it very difficult to manage either a singular password or a string of complex ones. This opens the door to human error. Adding 2FA takes away from the stress of multiple password management and adds a layer of security.

You can turn on 2FA for your account in Folderit under your profile when you’re logged in. Administrators can enforce the requirement for their team to use 2FA under Password Policy management.