In the analogue world, we identify ourselves by our national identity card which consists of basic information such as name, address, date of birth, and a unique ID number.
However this cannot be done in the digital world. Whenever you go online, even your name is not commonly used for identification. What commonly used is the username and password and these two are the basic criteria of a one-factor authentication.
The one-factor authentication is also known as ‘something you know’. Today we have more than one factor when it comes to authentication and it is applied by using a software or hardware device as part of your authentication. This make up the second factor and it is known as ‘something you have’. There is also third factor which is still not popularly used is the third factor or also known as ‘something you are’.
The reason of having so many factors in authentication is that the one-factor authentication is not sufficient for a sensitive transaction’s security. It is vulnerable to the traditional ‘Brute-Force’ attack that it is still useful today simply because computers today are extremely fast and it can even be done not only using CPU but also GPU.
The other weakness of one-factor authentication is that it is extremely vulnerable to ‘Password Reuse’ attack. There are not many users who change their password frequently or use different password for different online account. As a result, any username and passwords that are hacked can be possibly used from time to time on different website.
So now, do you perform your online banking transaction with just username and password? Think twice before you put your online banking account at risk.
Even for certain two factor devices, they are vulnerable to phishing attack. With the increasing cybercrime rate, we should focus more in our IT security. Especially for online banking account users, do think of your safety if you are still with one-factor authentication on that.