To use many of the services on the Internet today, such as email, online banking or online shopping, you must first prove you are who you say you are. This process of proving your identity is known as authentication.

Traditionally, one of the most common ways of authenticating has been a username and password. The problem with using just a password for authentication is simple: all an attacker needs to do is guess or compromise your password and they gain instant access to your online account and information. If you use the same username and password for multiple accounts, the harm can be even greater. To better protect your online accounts, websites are moving to stronger authentication methods that require the use of more than one factor to authenticate.


Will Two-Factor Authentication Protect Me?

Think of it as entering a PIN number, then getting a retina scan, like you see in every spy movie ever made. Two-factor authentication is a simple feature that asks for more than just your password. It requires both “something you know” (like a password) and “something you have” (like your phone).

With two-factor authentication, you still access your online accounts with your username and password. However, after you successfully enter the correct password, instead of going directly to your accounts, the site requires a second factor of authentication, such as a verification code or your fingerprint. If you do not have the second factor, then you are not granted access. This second step protects you. If an attacker has compromised your password, you and your account are still safe, as the attacker cannot complete the second step without having the second factor. It’s true that two-factor authentication is not impervious to hackers. But when you make an attack harder, you’re disabling a certain subset of the hacker community.




How is the Technology Used?

Let’s go through an example of how two-factor authentication can work. One of the most widely used online services is Gmail. Many people authenticate to their Gmail account or other Google services with their username and password. Google now offers improved security with two-factor authentication, or what Google calls two-step verification. Google’s two-step verification requires two things for authentication: your password (something you know) and your smartphone (something you have). To prove you have your smartphone, Google will send it a one-time verification code via SMS that is unique for you. You then enter the code. Alternatively, you can install an app that generates the unique code for you. The value of this stronger authentication is that even if an attacker has compromised your Google password, they cannot access your Google accounts unless they also have physical access to your smartphone. You and your valuable information are protected.

Please keep in mind, these verification codes sent to your smartphone are different every time you authenticate. As such, you will have to go through this two-step process every time you have to authenticate to your Google account.

In addition, this feature is not enabled by default. To enable this feature, log in to your Google account, go into your Account Setting, select Security, and follow the options for two-step verification.


Where Can I Use It?

Unfortunately, you can’t use two-factor authentication everywhere on the web just yet. But a lot of sites have recently implemented it, including Bank of China, Apple iCloud, Yahoo! Mail, Gmail, etc. For a list of services that support two-factor authentication, you can check out (https:// or you can check the documentation of your favorite services to see if they support it.

Using a two-factor authentication process can help to lower the number of cases of identity theft on the Internet, as well as phishing via email, because the criminal would need more than just the user’s name and password details.

For every service you use that supports it, you should head over and enable two-factor authentication right now—it’s one of the best ways to keep your data (and in many cases, your money) safe. Of course, you should also make sure you use a unique, secure password for each of your accounts, so if you don’t, now’s a good time to change that.