We use the Internet for almost everything from email to banking. Lets review how two factor authentication works and how it can protect you.
How does one ensure that their accounts are being kept safe at any point without risk of theft?
The truth is, the world is full of hackers trying to steal your personal information and money. They’ll go as far as to phish your information without you knowing it. However, one good way to lock down access to your accounts is by using two-factor authentication, also known as 2FA. It’s highly likely that you’ve already used 2FA without even realizing it.
High profile companies such as Google and Twitter, along with many more, have adopted this security measure. Does this make any sense to you? If not, don’t worry as we’ll elaborate more on this.
What is it?
Let’s begin by understanding what single factor authentication is. When you log into an account with just a password, this is considered to be a single factor.
However, two factor authentication is used to verify the identity of the person who they say they are logging in as with the help of an additional factor.
This additional factor can be a piece of information such as:
- An extra password, pin or pattern
- Something physical such as a phone, ATM card or fob
- Biometrics, such as voice, fingerprint or iris scanning
The additional factor forms part of the two factor verification during authentication, even if there’s no evidence of the person accessing the system being the rightful owner of the account.
Once the two factors have been successful verified, this would grant access to a computer system or website.
Example of Two Factor Authentication
An example of how Zoho uses 2 Factor Authentication
A common example is when you use an ATM machine. For this to work, you’ll obviously need an ATM card, which is one factor, and a pin as a second factor. This makes it somewhat secure, where one will not work without the other. Say if your ATM card (without long-strip) was lost or stolen, it wouldn’t be any good to whoever gained possession of it without knowing the pin. The opposite is also true, in the case of someone else knowing the pin without having the card. They would be unable to access your account.
Should you use two factor authentication?
In principle, yes. It adds an extra layer to dissuade hackers from gaining entry into your accounts. Although it isn’t necessary to use it on all of your internet accounts, enabling it on your main email account if it’s supported by your email provider and any financial accounts such as banks or credit cards is a good line of defense.
There are, of course, some downsides to two factor authentication:
- 2FA logins can take a little longer to work out to login, as the additional step can seem like an inconvenience when using something like a mobile or a fob key to generate a code.
- If any device, such as a fob or a phone is lost, you’re stuck having to find a way to log in and you’ll need to contact the company’s support.
- If a hacker gained access to your main email account, which is listed within your contact details in another important account, they can receive the account recovery email. They can then reset it causing them to bypass the 2FA of the account they’re targeting.
- A good way to prevent this is by having a smarter recovery option, such as an SMS sent to a cell phone to request any account actions.
Final Verdict
All in all, it is better to have 2FA enabled on your accounts than no additional step at all, especially if it means dissuading unauthorized access to your accounts. As 2FA has become more commonplace, it is likely that new developments in security will pave the way for more practical two factor authentication methods. It is fast becoming a necessity for both personal and business use.
For more information on using two factor authentication to protect your business and personal accounts, contact your local IT professionals.
