Skip to main content
GDPR Kit CIAM Buyer's Guide Contact Us
Janrain respects your privacy and will treat the personal data you choose to share with us in accordance with our privacy statement.
 

We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our privacy statement

OK

Mobile Menu

Securing Identities: Two-Factor Authentication in the Hacking Age

By Eric Schreiner | Posted on February 09, 2016

Global privacy issues, data breaches, and security concerns are common headlines these days. More than 357 million people have been negatively impacted over the last two years by data breaches at some of the world’s largest consumer brands. More recently, Amazon made big news after it was revealed the retail giant allegedly released sensitive information about a customer as the result of a simple and rather embarrassing social engineering hack. This is yet another stark reminder that hackers have many tools in their arsenal, and how protection of consumer data by companies who store that information must be a high priority issue both at the C-level and across brand marketing.

Social engineering presents unique challenges when it comes to protecting consumer data. Even companies with strong security practices are vulnerable to these attacks because they target the weakest link in the chain: people. The single most effective countermeasure against these attacks is awareness training for support employees with access to sensitive consumer information.

While much of the security falls to the companies that actually store consumer data, there are steps consumers can take to safeguard their private information stored in the cloud. For example, as difficult as it may be to believe, ‘123456’ is still one of the most common passwords in use today. Please don’t do this. Some consumers also still use the exact same password for multiple sign-ons, which amounts to basically just opening the door to your data.

This is where social login can make all the difference. Rather than creating a new password for every website, just reuse an existing identity (e.g. via Facebook or other social platforms) and you’ll have fewer passwords to remember. Definitely make sure that identity is well secured with a strong password and, ideally, two-factor authentication.

Marla Hay, Janrain director of product, discussed the benefits of two-factor authentication in a previous blog post. Two-factor authentication can help thwart social engineering attacks since a cyber-attacker who gets your password would also need that second factor at the time of the attack, which is typically sent only to your personal mobile device. That’s not to say two-factor authentication is bulletproof, but it certainly makes it much more challenging for an attacker to gain access. Many large identity providers currently support two-factor authentication, and this can be an especially important feature for your primary email account (e.g., Google, Yahoo!) or accounts that hold your credit card information (e.g., PayPal and Amazon).

With more and more personal consumer data being stored in the cloud, unlocking exciting and engaging services for consumers, the balance between security and usability must constantly be monitored. This burden is shared by both the business storing information on behalf of consumers as well as consumers themselves.

For more details, download Janrain’s white paper on security and usability here.

Popular Posts

About the author

Eric Schreiner

Eric Schreiner brings over 18 years experience designing and implementing business solutions with the last 10 years focused on enterprise SaaS applications. His expertise blends system design and integration experience with his ability to align technology delivery to business processes, workflows and results. At Janrain, Eric leads our Product Management team, responsible for the cloud-native, multi-tenant Identity platform that forms Janrain’s core CIAM solution. Prior to Janrain, he worked with industry leaders in the aerospace, engineering and manufacturing industries to apply SaaS solutions to their hazardous chemical data and inventory management practices. Eric has B.A in Computer Science from the University of Oregon.

View all posts by Eric Schreiner