[2021 Issue 03] See how Zyxel Levels Up Your Security with 2FA

zyxel_Lin Posts: 73  Zyxel Employee
First Anniversary Friend Collector
edited September 2021 in Security Highlight
1. What could happen if your password gets leaked?

A nightmare for every netizen, imagine yourself turning on your laptop only to realize that you cannot access your social media accounts anymore. Your Gmail has been breached, all your hard work inaccessible, and your credit card was charged with unknown transactions. The culprit? A password leakage may be the cause of such disaster. 

- 90% of online passwords can be cracked in less than six hours. 
- Two-thirds of people use the same password everywhere.  
- 57% of people who have already been scammed in phishing attacks but still haven’t changed their passwords.  (Source: The Business Journals)

The point is that just relying on a weak password is dangerous. Many people underestimate the importance of creating strong passwords.

2. How can two-factor authentication help you?

Two-factor authentication (2FA) is an additional layer of security used to ensure authenticated users can gain access to an online account only. Initially, a user will enter their username and a password as usual. Then, rather than gaining access straight away, they will be required to provide additional credential.

This second factor could one of the followings: 

- A code from an authenticator app on your own mobile phone, or a code sent by SMS to your phone. 
- A biometric indicator, like your fingerprint (Touch ID) or facial recognition (Face I

With 2FA, a potential compromise of the password will not compromise the account itself. As a result, even if your password is stolen, or your mobile phone is astray, the chances of someone else having access to both factors is unlikely to happen.

3. What Zyxel can offer

There are a variety of scenarios you could use 2FA to protect account security in the business networks:

1.     Administrative account

Always enable 2FA when you login to your firewall. No matter if it is the web (HTTP/HTTPS), telnet, or SSH, you can use any one of these methods as a 2nd factor to have a better protect on your administrative account: email, SMS, or Google Authentication.

Enable 2FA for administrative login in the ZyWALL GUI

2.    Wireless / wired clients in the office network

Deploying Captive Portal together with the 2FA authentication, the IT professional can ensure users who they say they are at every access attempt. This is a critical element when a company wants to enforce the security policy based on Zero-Trust Security principle. Trust no one and always get authenticated before they are allowed to access the office network.

Enable 2FA for wireless/wired clients

3.    Work from home employees

To balance productivity and security, Zyxel’s Remote AP (located in the remote workplace), plus USG FLEX (located in the main office) are the ultimate for business to build a distributed network servicing remote employees. A L2 tunnel secured by strong cipher delivers streamlined working experience accessing same SSID/VLAN/application in the main office securely. With enforcement of 2FA, it greatly decreases the chance of a hacker gaining access to corporate asset or sensitive information.

4.    Mobile workforce 

For employees on the go, remote VPNs are an industry standard to improve security level. Regardless of whether you are using SSLVPN, IPsec VPN, or L2TP VPNs, always enable 2FA for the extra layer of security to protect these remote user accounts.