A company has implemented a bring your own device (BYOD) policy and requires all employee mobile devices to be secured with two-factor authentication (2FA) before accessing corporate email and applications. Which of the following is the BEST method to satisfy this requirement?
Depend on a PIN code that is sent to the employee's alternate email address.
Implement a policy that solely relies on security questions for employee verification.
Utilize an authenticator app that generates time-based one-time passwords.
Require the use of SMS text message verification codes sent to the employee’s device.
Mandate that devices are protected by a fingerprint scanner only.
Enforce a rule that employees must memorize a set of complex passwords.
Using an authenticator app that generates time-based one-time passwords (TOTPs) is considered the best practice for securing accounts with 2FA. TOTPs are more secure than SMS-based verification codes because they are not susceptible to interception or SIM-swapping attacks. Additionally, TOTPs are generated by an app and do not rely on network availability, making them a more reliable choice when mobile signal is poor.