Blog
2-factor authentication - double protection for your FrachtPilot
Katharina Rösner
More and more service providers are offering 2-factor authentication , for example, to ensure that your customer account is protected beyond a password. Read this article to find out why you should use it and exactly how it works.
With the Authentication — or authentication — By using two factors, you enter an additional number code in addition to your password, such as a TAN. You therefore authenticate yourself using two factors to double secure your account. With the second factor, the system authenticates you as Authorized user.
So the first factor to access your email account is your password. That is definitely necessary because your email address It's usually not secret. Is the side of a data leak affected, your password can also fall into the hands of third parties and is therefore no longer secret. Die encryption In this case, a second factor still protects your data.
It is important that the factors from different categories come. One can, for example, a Knowledge resource be in the form of a password, the other a TAN, an OTP as possession in the form of a token or biometric data such as a fingerprint. It is safest if the TAN is generated via hardware, i.e. a security token.
Two-factor authentication means that you use a password to authenticate yourself first, which does not direct you to the desired content, but to a second barrier. You enter a second code or biometric data such as a fingerprint. You use this second factor to authenticate yourself as a legitimate user.
Banks have been using two-factor authentication for a long time, as you always have to enter your PIN in your bank card in addition to your personal chip. In online banking by entering the TAN, it is also common practice.
Since 2-factor authentication is more secure than simply entering a password, many online providers are offering it more and more frequently. At FrachtPilot, the security of our customers is of course important to us, which is why we also rely on 2-factor authentication using one-time passwords. You will receive the one-time password or OTP (one-time password) by email in the form of a numeric code when you have entered your password for your cockpit. Enter the number code into the login mask.
If you imagine that your account is a real cockpit on an airplane, there are two doors in front of it that you have to open first. Enter your password before the first one, the number code before the second. If someone came into possession of your password, they could easily open the first door. However, the last one denies her unauthorised access to your cockpit. The person may have intercepted your password through a replay attack to get into your cockpit, for example. On the other hand, she doesn't know the second factor and can't do anything with your password. With 2-factor authentication, you protect yourself from hacker attacks or phishing.
The installation can be a bit time-consuming and the login process is delayed. But that should be worth securing your cockpit for you.
Die most common procedures are TAN and OTP, but there are also software certificates such as ELSTER uses them.
One TAN, a six-digit Numerical code, do you often receive via SMS. It's safer if it doesn't come from the same device on which you enter your password. However, to activate the TAN procedure, you must provide your telephone number.
Another common procedure is that OTP, One-time password, also a one-time password, or One time password called. A password-protected file or app generates another six-digit code on another or even the same device, which you enter in addition to the password. The app does not access your data flow or phone number, but simply makes a comparison with the timestamp What a mobile device can assign because it has a clock. To ensure access to your account or cockpit, it's a good idea to install OTP generators on multiple devices.
The OTP or TAN can also be used via token be generated. Sending by email is often also possible. With tokens are security token means that generate the number code. This works using an algorithm that calculates the numbers in a time-bound manner. Since they appear random, the process is also described as pseudo-random.
The terms are often used synonymously. The English term Authentication However, with authentication translated correctly. They refer to the first and second factors as Sub-processes when signing up. The difference is that when you enter the Passwords Even as a legitimate: r Authenticate user. When you enter the One-time passwords authenticated The system, on the other hand, you as an authorized user.
Yours data And yours surety We are also with Freight pilot Very dear to your heart, which is why we give you 4 (!) different proceedings offers that you are free to choose from:
As cloud software, we offer you even more service and data protection for your delivery service. Just visit our page for more information. You can also find us here test for free or a Book a webinar. We are looking forward to seeing you;)
