Most people have had the experience of trying to log in somewhere online and when, after providing your password, the website has you complete one further task to gain access. That task may be an SMS message containing a time-sensitive code, a push notification on the website’s phone app, or even a phone call.
This process is two-factor authentication and while it may be annoying if you aren’t expecting it, TFA enhances the security of your online accounts. After all, according to a 2020 Verizon study1, password theft is the leading tactic hackers use to gain access online.
TFA requires not only something the user knows, like a password, but also something the user has, like their phone or a key fob, or something they are, such as a fingerprint or retinal scan. The chances of a hacker having one of the other components is substantially smaller than relying on just a password alone.
We’ve brought two-factor authentication to TeamViewer at the connection level as another way to make certain your remote access and control solution is as secure as possible.
TFA Scenario #1: Secure Access to Your Work Computer
Jim is using TeamViewer to log into his office desktop computer from home over the weekend. Because he has two-factor authentication enabled for his office PC, upon connection he receives a push notification via the TeamViewer app on his phone asking for him to verify that it is really him trying to access his work computer. He taps “Allow”, and the connection is established.
In the above scenario, Jim (and his IT department) can now be assured every TeamViewer connection to his work computer is approved by Jim himself. Any incoming connection for which he is not responsible will be denied, quickly ensuring Jim’s computer and the network as a whole will only be remotely accessed by authorized individuals.
TFA Scenario #2: Providing Secure Access Through a Chain of Command
The IT department of an organization supports a sensitive, offsite database server. Because of the server hosting sensitive information, the department enables two-factor authentication for TeamViewer connections to the server. Approval can only be granted from the cell phones of the senior IT leadership.
The department receives a ticket from a user that the server is producing an error. The database architect attempts to access the server via TeamViewer and receives the push notification. After verifying the device information is correct, and looking over the relevant ticket, one leader approves the connection and the DBA troubleshoots the error.
This scenario may be common in high-security, sensitive installations such as finance, health care, or public works. When it comes to a TeamViewer connection requiring authentication from staff other than the person trying to make the connection, the process may take a few extra seconds but it’s worth it to have the certainty that only authorized users are trying to make TeamViewer connections to a vital piece of infrastructure.
Most organizations use outside vendors for specialized tasks and services. Two-factor authentication also serves as a way to approve their connections to your sensitive systems, providing another layer of security on connections originating outside the company.
TFA Scenario #3: Verifying Connections by Outside Vendors or Contractors
The database administrator from scenario #2 cannot remedy the server error and must call in an outside vendor. In a rush, the DBA forgets to update senior management on the error before the vendor attempts to make a TeamViewer connection to the server. One leader denies the connection, as it was coming from an unknown device. The organization’s oversight policy states that the rest of the department is notified of a denied connection. Seeing the message from the senior leader, the DBA informs everyone of the need for the outside vendor and a second connection attempt is accepted.
We’ve made two-factor authentication on TeamViewer connections as easy as possible to set up and navigate while still providing a substantial layer of security for a crucial aspect in today’s IT environments: remote access. Although account-level two-factor authentication has been a longtime feature in TeamViewer and is a great way to keep accounts secure, connection-level TFA’s flexibility will allow for a host of use cases that should satisfy TeamViewer consumers in all types of businesses.