One-factor, two-factor, red-factor, blue-factor.
When voting it is reasonable to worry about the security of someone's vote. How can we ensure that not just anyone uses a voter's access key from an email, postcard, or text message?
Thankfully there is a way to ensure that other voters do not use someone else's access key to cast a vote! A way to create even tighter security around someone's access key is to enable two-factor authentication; however, what is two-factor authentication?
Two-factor authentication requires that a person goes through two verification processes to access the application, the purchase, etc.. For example, when you unlock an iPhone device it still requires a password before purchasing from the app store. For more information check out this article: Two-Factor Authentication (2FA).
In ElectionBuddy two-factor authentication is a security process that requires the voters to verify who they are before accessing the ballot. Two-factor authentication allows the admin to ask the voter to enter information that only the voter would have access to. For example, if they have an ID number in an organization, they could use the ID number that is specific to that voter. This can be used as the password since, presumably, only that voter would know their ID number.
Another method of two-factor authentication is to use the SMS number as a way of ensuring the correct person is accessing the ballot. How this works is once the ballot is access the voter is sent a code to their mobile device. Once they receive the code they can enter it into ElectionBuddy to access their ballot.
Including two-factor authentication allows for there to be greater security surrounding each voter's vote. Security of a voter's vote is important because it ensures who accesses the ballot is the intended voter/ This is specifically handy in combating email forwarding where someone else was able to gain access to the ballot through an unintended forwarded email. Or, even a postcard that was delivered to a non-updated address on file.
For more information on two-factor authentication check out our help article! If you have any questions regarding using this feature, please feel free to reach out to us at firstname.lastname@example.org.