Protect your investor relations data and activate 2FA: why two-factor authentication is a must have - MZ Group
  • IPO & Empresas Listadas
  • Fundos e Gestoras
  • Empresas Privadas
Back

Protect your investor relations data and activate 2FA: why two-factor authentication is a must have

Why two-factor authentication is a must have for all IR Tools

Protect your investor relations data and activate 2FA

 

In our current days, we frequently come across news regarding cyber attacks, data breaches, and leakages. Day after day, more and more, small, medium, and large companies are victims of cyber attacks, resulting in data leakage, financial, image, and reputation losses.

Most of this data is user data such as credentials, personal or financial information. When we talk about information security, we need to remember that this is not only on technical aspects, but also includes processes and people. In the internet world, we have to manage a lot of different usernames and passwords.

Some of the systems require us to change passwords periodically. That’s why people don’t usually put much effort into defining strong passwords. This results in weak passwords that could have already been leaked or can easily be discovered. Protecting access credentials to a system or application must be a concern to all users. Here are a few facts that illustrate why every business should require two-factor authentication for cloud platforms:

  • 90% of passwords can be cracked in less than six hours
  • Sophisticated cybercriminals have the power to test billions of passwords every second
  • Two-thirds of people use the same password for all logins

 

Managing your password

Most of the systems and applications require credentials, such as passwords, for user authentication. Authentication is the process of verifying and confirming that the entity is who it says it is. For that, it’s required for the user to have information that only itself and nobody else knows. This means the password must be a password that only you know and nobody else can discover. Here are some password recommendations to make your password is complex and more difficult to be discovered:

  • Do not use personal or professional information such as name, surname, relatives names, pets names, sport team names, company name, etc.
  • Do not use the current year or years related to personal events, such as birth date, as part of the password
  • Do not use keyboard sequences such as “123”, “abc”, “qwerty”, etc.
  • Do not use the word “password” as your password. Believe, this is one of the most used passwords
  • Do not use combinations of the previous items, such as NameSurnameYear, YearCompany, Surname12345, etc.
  • Do not write your password anywhere and leave it on your desk or in a post-it on your laptop or computer
  • Do not save your password in text files and save them on your desktop
  • Make use of strong passwords. Strong passwords are a combination of a long password, uppercase and lowercase letters, numbers, and special characters. Make sure to use passwords as long as possible. Each additional character increases the number of possibilities.
  • Do not use real words or phrases. Some people use their favorite quote as a password. It is usually long, but could not be as secure as you think it is.
  • Do not reuse passwords in different systems. If your password is leaked in any system, this could be used in other applications. This means systems with less security can expose more reliable and secure systems.
  • Beware of Social Engineering. Phishing attacks are increasingly common (fake pages to collect your credentials), people looking at you typing your password, people asking your password by email or phone, etc. Do not ever share your password or codes with other people.
  • Beware of hotspots and public wifi. Someone can intercept the data being transmitted over this network.

 

Improving your authentication with 2FA/MFA

Two-factor authentication (2FA) or multi-factor authentication (MFA) is another security layer in the authentication process of a system or application. This is a function used to guarantee secure authentication, even if someone discovered your password or it has been leaked in any data breach.

The password is the information that you know (but someone could discover or it could be leaked). The 2FA/MFA is the information that you have by receiving it in a reliable device/method, such as SMS, Email, or Apps.

With 2FA/MFA, the password by itself will not be enough to be authenticated. Every time you will be logging into a system or application, after inputting your username and password, you will be asked to inform a random and temporary code that you will receive in the device/method chosen.

2FA/MFA significantly leverages the authentication process to make sure you are the one accessing the system or application since you will need access to your email, phone, or application.

 

Conclusion

Protect and improve your passwords and make use of other authentication methods that can keep your personal and sensitive data secure. So it’s recommended to activate your 2FA/MFA in your systems and applications profiles and follow the password recommendations to make sure your credentials are protected and secured.

 

Danilo Ohtani

Partner & CTO, MZ

Stay on top of what's happening in the market