Files.com Blog

Protect Your Users and Data with 2FA

Friday, September 06, 2019

Why you should activate two-factor authentication now

Short answer: because keeping up with security is an unending battle, and password protection alone is not winning it.

Not all users are careful with their login credentials all of the time, nor are phishing attacks decreasing. The likelihood that your credentials, or one of your user’s credentials, will at some point be compromised is rising.

Two-factor authentication (2FA), however, greatly lowers the chances that an attacker will actually breach your account.

2FA adds a second security layer to your account. While cracking passwords has become more common, an attacker faces much greater challenges getting ahold of your second authentication factor.

Solid 2FA methods combine two different kinds of factors: something you know (your password) with something you have (usually a smartphone, or hardware 2FA key management device). Without both factors, you can’t log in (and neither can attackers!)

2FA methods Files.com supports

Files.com supports five 2FA methods:

  • Yubikey U2F/FIDO (preferred)
  • Yubikey Native
  • Authenticator Apps that use TOTP (time based one-time password)
  • SMS (Text messages)
  • Hardware Key (U2F/FIDO)

Each of these methods works differently, and users can add more than one to your Files.com user account to keep security solid while making sure you always have access. Visit our documentation center to see how each of these methods is activated in your user account.

We also offer different 2FA options and capacities on our different plans. Make sure your plan enables you to build the security model you need.

Choosing which 2FA methods your users are allowed

Not all 2FA methods are created equal, and not all methods work with all connection protocols, so we’ve built in the ability for Files.com site administrators to control which of the methods are available to their users.

Our favorites are hardware devices that use U2F/FIDO, but you may also need authenticator apps or SMS for your users who connection with FTP, SFTP, or WebDAV. Or if your security policy doesn’t allow SMS, for instance, it’s a simple matter for a site administrator to remove that option from the available list.

Mandating 2FA for all users

Of course, a security feature only works when users actually use it.

For our Enterprise and Enterprise Premier accounts, we give site administrators the ability to mandate that all users add at least one 2FA method to their user accounts. This means that you never have to worry about whether anyone in that long list of users hasn’t gotten around to following your policies yet and is leaving your data potentially exposed.

Questions? Need help?

You can tell that security is an important topic around here. We want you to have an ironclad security model and to put it into practice on the Files.com platform. Please let us know how we can help. We’re here and glad to assist you. Please contact us by email or phone (1-800-286-8372 ext. 2).