In the last article, we talked a bit about password managers and keeping our account secure. Two-factor authentication is another method of keeping our accounts protected that has become very popular over the last few years. In fact, in order to use many password managers, you may be required to set up two-factor authentication. It’s a great way to add another layer of security and many websites, apps and services are offering the option now. Two-factor authentication is also often commonly abbreviated as 2FA.
Data breaches are a not so rare occurrence these days, the amount of companies losing their user’s personal data seems to be increasing. That means if a company loses your data to a hacker they could use it to try and access your other accounts, in these cases, a password is not always enough. Users should consider building the habit of securing themselves with more than just a password and that could be where two-factor authentication comes in.
A factor of authentication is just a fancy way of saying a way to prove you are who you say you are. So in this instance, you are proving you are the owner of a particular account. A password is one factor of authentication. Two-factor authentication is just adding another layer onto that and a second way of proving you are who you say you are and the rightful owner of the account you are trying to log into.
The way it works in practice is when you enter the correct username and password on a website instead of gaining access right away, you will be prompted to provide another piece of information. This is commonly a code that is sent to another device you own or it could be something like a PIN number or a secret question only you know the answer to.
Let’s take a closer look at some of the different types of two-factor authentication.
This is probably the most widely used form of two-factor authentication. Similar the other methods it produces a one time use unique and random code that will allow you to log in to your account and expires after a set time. The way you use this type is to install a specific two-factor authentication app or program onto your phone or computer. Then when you open the app it will generate codes for the accounts you have linked to it.
These are physical tokens such as a key fob that will generate a unique code when activated, the code will allow a user to log in and will expire after a set amount of time, usually a minute or so.
Text Message 2FA
Simple as it sounds, your phone will receive a text with a code number. You’ll need to link your phone number with your account to do this. The code you receive will be one-time use only.
This type uses you as the unique code, maybe not as common as the other methods biometrics uses things such as your fingerprint, your eyes, your voice or even a scan of your face to confirm you are who you say you are.
Push Notification 2FA
Some websites may opt to send a notification to your phone informing you that someone is trying to log into your account. From here you can either allow or deny access. This requires no codes or additional apps.
So those are the different types of two-factor authentication currently available. Companies big and small are now offering these options and it’s highly recommended that you use one or more of these options on accounts that are particularly sensitive, especially your email and your email can be the gateway to accessing much more. Thank you for reading and stay safe.