Introduction

With so much of our lives happening on mobile devices and laptops, it’s no wonder our digital accounts have become a magnet for criminals. Malicious attacks against governments, companies, and individuals are more and more common. And there are no signs that the hacks, data breaches, and other forms of cybercrime are slowing down!

In recent years, there has been a massive increase in the number of law firms losing critical data. As cybercrime gets more sophisticated, companies find that old security measures are easily defeated with sophisticated attacks. Recently in the first quarter of 2020 nearly 2,000 law firms had their data ransomed using a popular legal practice management product.

Luckily, it’s easy for businesses to add an extra level of protection to user accounts in the form of two-factor authentication, also commonly referred to as 2FA.

Passwords are Historically Bad But Still In Use

In 1961, the Massachusetts Institute of Technology developed the Compatible Time-Sharing System (CTSS). To make sure everyone had an equal chance to use the computer, MIT required all students to log in with a secure password. Soon enough, students figured out that they could hack the system, print out the passwords, and gain more computer time.

Despite this, and the fact that there are much more secure alternatives, usernames and passwords remain the most common form of user authentication. While using passwords is better than having no protection at all, they’re not foolproof. Here’s why:

Humans have lousy memories: A recent report looked at over 1.4 billion stolen passwords and found that most were embarrassingly simple. Among the worst are “111111,” “123456,” “123456789,” “qwerty,” and “password.” While these are easy to remember, any decent hacker could crack these simple passwords in no time.

Too many accounts: As users get more comfortable with doing everything online, they open more and more accounts. This eventually creates too many passwords to remember and paves the way for a dangerous habit: password recycling. Here’s why hackers love this trend: it takes just seconds for hacking software to test thousands of stolen sign-in credentials against popular online banks and shopping sites. If a username and password pair is recycled, it’s extremely likely it’ll unlock plenty of other lucrative accounts. 

2FA To The Rescue

2FA is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. First, a user will enter their username and a password. Then, instead of immediately gaining access, they will be required to provide another piece of information.