Army considers additional 2FA measures
Cybercrime is more prevalent than it has ever been. Every year, the dollar value of damages done by cybersecurity will continue to rise. One way to build up walls against potential cyber attacks is to protect yourself with two-factor identification, also known as 2FA.
The United States Army, one of the country’s five branches of the military, recently announced that the agency was in the process of adding on additional measures to authenticate users. These other measures are through to give more options to soldiers who want to access the Army’s online resources without running the significant risk of getting hacked.
Roughly one full month ago, the United States Army’s Chief Information Office and its G-6-level officials began working closely with PEO EIS, better known as Program Executive Office Enterprise Information Systems, to think up new ideas that will be eventually – hopefully – be used to bolster the security of their existing multi-factor authentication protocol, also known as MFA.
Here’s what the Army’s login process is like right now
Right now, according to the Identity Management and Communications Security division chief named Thaddeus Underwood, the United States Army doesn’t have enough digital protection in the form of its login protocol.
People who want to access the system just need their username and password, providing users with a relatively weak portal to use.
Members of the United States Army who are required to log in using multi-factor authentication have to present login access portals with two of the following three things: something you own, something you consider yourself to be, and a piece of knowledge you and only you have tucked away in the folds of your brain.
Although such multi-factor authentication protocol has not yet been implemented in the United States Army, it’s likely that the protocol will be brought to fruition sometime later this year.
Another way that people can log in right now is by using their PINs, or personal identification numbers, and their Common Access Cards. Unfortunately for people who are serving the United States Army in the form of the National Guard or the Reserve, there are thousands of active soldiers who do not have steady access to the computer systems operated by the federal government.
Here’s one of the major problems that the Army is facing right now
CACs, or Common Access Cards, are needed right now for Soldiers to log in the federal government’s network of computers. However, because Soldiers don’t have the equipment that is required to read and verify Common Access Cards at home, they are not able to access such a network without showing up in person at the physical login portals.
The United States Army has narrowed down its choices to just two.
YubiKey is one of many varieties of authentication walls erected online and maintained by the pros at YubiCo, the parent company of security products like YubiKey. YubiKey is one of the two choices that the United States Army is facing itself with right now. These devices are registered ahead of time, making them easier to use.
The other choice that the Army has is to require Soldiers to log in to a mobile app that employs some of the latest forms of authentication to verify people who are trying to log in.
To log in to the United States Army’s private computer networks, Soldiers will have to log in to the real-deal, all-official Army website using their existing usernames and passwords. However, after entering such information, the site they use will trigger the production and distribution of a passcode needed to log in elsewhere that can only be used one time.
Once authenticated, they will be authorized to view their personal information on the official United States Army website.
Soldiers will have things a lot easier whenever the United States Army gets around to implementing these changes. Most Soldiers have grown tired of having to show up to Army facilities in person with their Common Access Cards to access their personal information. They want to the Army to adopt policies that mirror what’s going on in the rest of the world.
According to Mr. Thaddeus Underwood, the Army believes that the first prototype of the aforementioned mobile app will be released and tested by fall 2019.
One of the upsides of this method of logging in is that Soldiers won’t need to keep up with a physical device, something that they’d have to do with Yubi.