Two-factor authentication for improved security of EventLog Analyzer accounts
Most SIEM solutions contain a great deal of sensitive information on events happening across a network, which means ensuring secure access to these solutions is crucial for network security.
This is why EventLog Analyzer utilizes two-factor authentication to ensure that only authorized users access the solution. With two-factor authentication enabled, users are verified twice during login—once with a password and again with a one-time password (OTP) sent to a registered mobile number or email address.
Two-factor authentication can secure your sensitive data even if your password is compromised. This double authentication method is essential, because cybercriminals are constantly looking to breach networks using stolen credentials.
Do you still need two-factor authentication if you have a strong password?
A strong password is an essential part of keeping your EventLog Analyzer account safe, since this will be your first line of defense against potential attacks. But using a password alone isn't always the most effective way to secure an account. Passwords are becoming less effective because of increasingly sophisticated password cracking attacks, such as brute force, dictionary, and keylogger attacks.
Two-factor authentication eliminates the risks of password cracking attacks, since the OTP is sent directly to the user and cannot be replicated. Having multiple factors in the authentication process greatly enhances the security of an account, keeping malicious users from accessing sensitive information.
Two-factor authentication methods in EventLog Analyzer
EventLog Analyzer has a list of options to choose from to set your preferred two-factor authentication method.
When email verification is enabled, a verification code will be sent to your registered email address. This code has to be entered in addition to the password before you can log into your account.
When this feature is enabled, an SMS with the verification code will be sent to the registered mobile number. The code needs to be entered before you can log in.
With this verification method, a six-digit verification code will be generated in the Google Authenticator app. This code has to be entered in the required field before you can log in.
When the RSA SecurID feature is enabled, the security code generated by the RSA SecurID mobile app or security token sent via SMS or email will have to be entered before you can log in.
If verification via Duo Security is enabled, you can log in by entering a six-digit security code sent via SMS, phone call, or push notification from the app.
Backup verification codes
If the registered device is not available or if you are unable to receive the one-time password (OTP), backup verification codes can be used to log in. These backup codes can be generated while logging into your account for which two-factor authentication has been configured. Keeping a copy of these codes handy is a fail-safe mechanism to ensure that you can log into your account even at the event of your device getting lost.
Configuring two-factor authentication for EventLog Analyzer.