{"id":3686,"date":"2012-09-19T12:02:44","date_gmt":"2012-09-19T12:02:44","guid":{"rendered":"http:\/\/www.journeytothecloud.com\/?p=2222"},"modified":"2012-09-19T12:02:44","modified_gmt":"2012-09-19T12:02:44","slug":"stay-safe-in-the-cloud-with-two-factor-authentication","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/stay-safe-in-the-cloud-with-two-factor-authentication\/","title":{"rendered":"Stay Safe in the Cloud With Two-Factor Authentication"},"content":{"rendered":"<p>The use of two-factor authentication has been around for years, but the recent addition of this security feature in cloud services from Google and Dropbox has drawn widespread attention.\u00a0 The Dropbox offering came just two months after a well-publicized security breach at their online file sharing service. <span id=\"more-2222\"><\/span><\/p>\n<p><strong><span style=\"text-decoration: underline;\">Exactly What Is Two-Factor Authentication?<\/span><\/strong><\/p>\n<p>Of course, most online applications require a user name and password in order to log on.\u00a0 Much has been written about the importance of managing your passwords carefully.\u00a0 However, simple password protection only goes so far.<\/p>\n<p>Two-factor authentication involves not only the use of something the user knows such as a password, but also something that only the user has.\u00a0 An intruder can no longer gain access to the system simply by illicitly obtaining your password.<\/p>\n<p><strong><span style=\"text-decoration: underline;\">Authentication Tools<\/span><\/strong><\/p>\n<ul>\n<li><strong>ATM Cards:\u00a0 <\/strong>These are perhaps the most widely used two-factor authentication device.\u00a0 The user must both insert the card and enter a password in order to access the ATM.<\/li>\n<li><strong>Tokens:<\/strong>\u00a0 The use of tokens has increased substantially in recent years.\u00a0 Most of these are time-based tokens that involve the use of a key sized plastic device with a screen that displays a security code that continually changes.\u00a0 The user must enter not only their password, but also the security code from the token. Tokens have been popular with sensitive applications such as on-line bank and<br \/>\nbrokerage sites.<\/li>\n<li><strong>Smart Cards:\u00a0 <\/strong>These function similarly to ATM cards, but are used in a wider variety of applications.\u00a0 Unlike most ATM cards, smart cards have an embedded microprocessor for added security.<\/li>\n<li><strong>Smart Phones:<\/strong>\u00a0 The proliferation of smart phones has provided the perfect impetus to expand two-factor authentication to widely used internet applications in the cloud.\u00a0 In these cases, users must enter not only a password, but also a security code from their phone or other mobile device.\u00a0 This code can be sent to a phone by the service provider as an SMS text message or generated on a smartphone using a mobile authenticator app.\u00a0 Both Google and Dropbox now use this method.<\/li>\n<\/ul>\n<p>Yahoo! Mail and Facebook are also introducing two-factor authentication using smart phones.\u00a0 However, their methodology only prompts the user to enter the <a title=\"security problem\" href=\"http:\/\/www.journeytothecloud.com\/cloud-computing\/avoid-the-umpire-security-problem\/\">security<\/a> code if a security breach is suspected or a new device is used.<\/p>\n<p><strong><span style=\"text-decoration: underline;\">So What\u2019s Next?<\/span><\/strong><\/p>\n<p>Cloud security is a hot topic and two-factor authentication is one way to mitigate users\u2019 well founded concerns.\u00a0 As a result, development and adoption of two-factor authentication systems is proceeding at a rapid pace and should be available for most cloud applications within just a few short years.<\/p>\n<p>The shift from token based authentication to SMS based authentication is also likely to accelerate along with smart phone use.<\/p>\n<p>Two-factor and even three-factor authentication using biometrics will become more popular.\u00a0\u00a0 Finger print readers are already quite common on laptop computers.\u00a0 Use of facial recognition, voice recognition, hand geometry, retina scans, etc. will become more common as the technology develops and the price drops.\u00a0 The obvious advantage of these biometric systems is that the physical device cannot be stolen or otherwise used by a third party to gain access to the system.<\/p>\n<p>As with any security system, two-factor authentication is not 100% secure.\u00a0 Even token systems have been hacked and there is no doubt that there will be breaches in SMS authentication tools as well.\u00a0 However, two-factor authentication still provides the best way to stay safe in the cloud and it\u2019s advisable to use it whenever possible.<\/p>\n<p><em>This post is by Rackspace blogger Thomas Parent. <a href=\"http:\/\/www.rackspace.com\/\">Rackspace Hosting<\/a> is a service leader in cloud computing, and a founder of OpenStack, an open source cloud operating system. The San Antonio-based company provides Fanatical Support to its customers and partners, across a portfolio of IT services, including Managed Hosting and <a href=\"http:\/\/www.rackspace.com\/cloud\/\">Cloud Computing<\/a>.<\/em><\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=YULODOC2zMY:6vUVOGwvQ1g:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?d=yIl2AUoC8zA\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=YULODOC2zMY:6vUVOGwvQ1g:-BTjWOF_DHI\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?i=YULODOC2zMY:6vUVOGwvQ1g:-BTjWOF_DHI\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=YULODOC2zMY:6vUVOGwvQ1g:V_sGLiPBpWU\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?i=YULODOC2zMY:6vUVOGwvQ1g:V_sGLiPBpWU\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=YULODOC2zMY:6vUVOGwvQ1g:qj6IDK7rITs\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?d=qj6IDK7rITs\" border=\"0\"><\/img><\/a>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/JourneyToTheCloud\/~4\/YULODOC2zMY\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The use of two-factor authentication has been around for years, but the recent addition of this security feature in cloud services from Google and Dropbox has drawn widespread attention.\u00a0 The Dropbox offering came just two months after a well-publicized security breach at their online file sharing service. Exactly What Is Two-Factor Authentication? Of course, most&#8230;<a href=\"http:\/\/www.journeytothecloud.com\/cloud-computing\/stay-safe-in-the-cloud-with-two-factor-authentication\/\">Read More &#187;<\/a><\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[104,952,953],"tags":[],"class_list":["post-3686","post","type-post","status-publish","format-standard","hentry","category-cloud-computing","category-cloud-security","category-two-factor-authentication"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/3686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=3686"}],"version-history":[{"count":0,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/3686\/revisions"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=3686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=3686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=3686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}