Two-factor Authentication

Tutorials
Written By Rachel Yang

Two-factor authentication is, simply put, an additional way to verify your identity when accessing an online service. Also called 2FA or 2-step verification, the “factor” refers to an additional piece of information you offer as proof of your authorization.

These factors are based on the following:

  • Something you know - such as a password or PIN

  • Something you have - like a key, or an encryption card, or your phone

  • Something you are - such as your fingerprint, a retina scan, your voice

  • Somewhere you are - such as your geolocation, or your proximity to another service

unsplash-image-SzG0ncGBOeo.jpg

In practice, the second factor is often implemented as a one-time PIN texted to you, or another form of validation that only you will have access to, in addition to your password. You may have seen 2FA suggested to you by your email provider, or a social media site you use. You probably have put off implementing 2FA on your accounts, thinking it’s a nuisance and an additional barrier between you and your scrolling.

Yes, it’s an extra step. 

No, it’s not foolproof. 

Yes, it can help protect your information.

Think about it this way: you most likely lock your front door at night. Can the bad guys still get in? Of course.

You might have a security system and cameras in place. Can the bad guys still get in? Yep.

You can have electric fencing, armed guards, and ravenous dogs protecting your home, but if the bad guys really want to get in, they will. The harder you make it, though, the more likely the average bad guy will try your locked door, see the security system sign in your front yard, and move on to the next house because yours, while not impenetrable, is not worth the risk.

That’s 2FA. It makes is just that much harder for cyber criminals to get to your accounts. Impenetrable? No, but harder than usual.

2FA is available on many popular sites: Google, Facebook, Instagram, LinkedIn, Twitter, Microsoft, Apple.

Do you use single sign-on using your credentials for Facebook or Google? Then you definitely want to turn on 2FA for those accounts. Especially those accounts.

Here’s why: think about the process for resetting a password on any website. You enter your email address and they send a link to your in-box; you click on the link and reset your password.

If a cyber criminal gains access to your email account, they will be able to access everything.

There are apps that make this a little easier than relying on SMS to get a security code. Duo is a popular one, and sends an alert to your phone that you can approve with a single swipe.

While I know this is an extra step when getting to your favorite apps, it’s a simple step you can take now to prevent a world of pain later.

Rachel Yang

Web designer, user experience professional, just to start…

http://www.atlenas.com
Previous

Strengthen Your Responses to Security Questions
Next

Three Ted Talks for Thinking about Your Online Footprint