Visual Labs - Two-Factor Authentication

It seems that almost daily, another hack or cyberattack makes the news. Capital One Bank is a notable recent victim. It is important as ever to take precautions to secure sensitive data, whether it be financial data or police records, including body camera footage. When it comes to online security, most people think of complex passwords, but many often forget an increasingly more common method to keep unwanted individuals out of our online accounts: two-factor authentication.

Two-Factor Authentication (“2FA” or “TFA”) is an additional security step that requires someone to enter more than one passcode to be able to log in. For example, a user’s standard password is often the first factor (“what you know”) while a code sent via text message to your cell phone is the second factor to prove “what you have.” In some cases 2FA revolves around proving “who you are,” such as a fingerprint.

The three most commonly used 2FA methods are:

SMS Text: Perhaps the most common way to implement 2FA, SMS 2FA sends a random code to a user within a text message (SMS). While this is the most widely used option, SMS verification is only as secure as the security of the network and could be susceptible to a SIM swap attack. Potential weak points in security of the network could lead to an interception of the code by bad actors.
Email: Similar to SMS 2FA, Email 2FA is based on a random code sent via an email. Like SMS TFA, Email 2FA is subject to the security of the transmission of the code and email client. If you have a weak password safeguarding your email account, it’s possible for bad actors to intercept an Email 2FA code
Authenticator Application: Using an authenticator app is perhaps the most secure, but generally the most unfamiliar way to enable 2FA. A smartphone app like Google Authenticator or Microsoft Authenticator uses a secret algorithm to generate a one-time code which expires within a short amount of time. This code is not delivered to the user via network transmission, making it the most secure and reliable of these three methods. However, if you lose or factory reset the phone leveraging the Authenticator app, you would not be able to get a 2FA code.

Despite the fact that 2FA is often seen as a nuisance, an article on TechCrunch recaps a study conducted by Google on just how successful 2FA truly is against unauthorized access.

Google’s data showed having a text message sent to a person’s phone prevented 100% of automated bot attacks that use stolen lists of passwords against login pages and 96% of phishing attacks that try to steal your password.

Visual Labs makes security and CJIS compliance a very high priority. Accordingly, Visual Labs requires each user to have 2FA enabled, whether it’s by receiving a security code via SMS, email or from Google Authenticator on his or her phone. This second layer of protection helps to better safeguard users’ body camera footage, location data, and more.