How to demonstrate compliance with data security regulations
Effective Password Management In this, our final blog in this series on how passwords help you protect your most important business data, we look at...
Our client portal provides all the tools you need to create, view or update your support requests.
For urgent IT support during business hours, or if you suspect anything suspicious call 01314528444 for the fastest response.
If one of our team has asked you to start a remote control session on your computer, use the remote control menu option above.
4 min read
itfoundations
Originally posted on October 22, 2024
Last updated on October 22, 2024
Protecting your online accounts is more crucial than ever. Authenticator apps are among the most effective tools for boosting security. The UK's National Cyber Security Centre highly recommends their use. Nonetheless, many individuals have reservations about integrating work accounts into authenticator apps on their personal devices. Let’s explore what authenticator apps are, how they function, and address common privacy and security concerns.
If you don't wish to read further, the key point is that they are secure and there's no need for concern. In fact, if you haven't already set one up for your personal accounts, you should consider updating your security settings promptly. Check for MFA or 2FA in your account settings.
Authenticator apps are simple, self-contained mobile applications that generate time-based one-time passwords (TOTPs) or verification codes used for multi-factor authentication (MFA).
Popular examples include:
These apps add an extra layer of security to your online accounts by providing a second form of verification in addition to your password that cyber criminals can't easily get hold of.
Authenticator apps generally work on a very simple three stage process.
Because the app is essentially just a number generator that uses a secret key as a seed to generate codes they aren't actually 'linked' to accounts. They're not really connected to your account, they just store the same key as your account.
Some services have streamlined the process slightly to save you having to manually enter a 6 digit code.
These service's servers store your authenticator's ID so that it can communicate with it by sending notifications to your phone asking you to take action.
This is why you will sometimes see your authenticator app pop up on your phone asking you to unlock it and enter a code, or select a number from a selection of three options.
In this case, the app is communicating with the server directly but isn't linked to any data in your account or on your phone. The self-contained app sends your response to the server to save you having to type out a 6 digit number.
Historically MFA (sometimes referred to as two-factor authentication or 2FA) relied on sending either an email or an SMS to you. Both of these forms of communication are interceptable by cyber-criminals and so aren't as secure as an authenticator app.
The app knows the secret key that only the other server knows. there is nothing communicated between them that is interceptable and useable by a criminal.
Additionally, over and above security, apps are also more reliable as they do not rely on mobile phone coverage to receive an SMS. Many of us have experienced the pain of needing to log into a cloud-service but not being able to receive the SMS code before authenticators were created.
One common concern among people is the fear that adding a work account to their personal phone might allow their IT department to access their personal information. Let’s address this concern in detail:
In addition to simply using an authenticator, there's some best practice guidance and advice that we'll share to make sure that you get the most out of using authentication apps.
Authenticator apps are a powerful tool for enhancing the security of your online accounts. They provide an additional layer of protection that is both effective and easy to use. While it’s natural to have concerns about privacy, it’s important to understand that these apps are designed with security and user control in mind. By using an authenticator app, you can significantly reduce the risk of unauthorised access to your accounts without compromising your personal privacy.
If you would like assistance with setting up authenticator apps, multi-factor authentication or any other cyber security initiatives, get in touch with your team of experts today.
Find out more
Get in touch with us for a chat about how we you could increase your organisation's cyber security.
Effective Password Management In this, our final blog in this series on how passwords help you protect your most important business data, we look at...
3 min read
The number of apps and web tools that employees use regularly continues to increase. Most departments have about 40-60 different digital tools that...
Stolen login credentials are a hot commodity on the Dark Web. There’s a price for every type of account from online banking to social media. For...